Announcement

Collapse
No announcement yet.

Unable to view detail of event logs Events/ForwardedEvents

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • dhotan
    Guest replied
    OK, I see. Under Tools / Settings / Display / Display Mode:EVTX Events, I added the 'Computer' & 'Description' columns and voila!

    Thank you for the help.

    Leave a comment:


  • cmccullough
    Guest replied
    We were able to duplicate the error you are getting and are looking to see if we can fix it. To add the computer these events are forwarding from you can add the Computer column (along with any others) to the display by going to Tools->Settings->Display and changing the Display Mode to EVTX Events. The instructions I gave above are for pre-EVTX event views.

    Leave a comment:


  • dhotan
    Guest replied
    Events / Filter does NOT show me the "ForwardedEvents" log. Other logs are there (System, Application, etc..). That's odd.

    Leave a comment:


  • cmccullough
    Guest replied
    Right-click on a server or selection of servers and choose Events->Filter Events. Choose the log you want and click OK. Do you see it there? If you are expanding a computer, expanding Events then double-clicking on one of the logs there, you won't see the Server column since you are only viewing events from that one computer.

    Leave a comment:


  • dhotan
    Guest replied
    Hi,
    I verified that too. Tools / Settings / Display tab / Display Mode : Events

    Under Current Columns: Server, Time, Source, etc...

    Under Available Columns: empty.

    Eventhough Server column is selected, it is not displaying in the right pane.

    Leave a comment:


  • cmccullough
    Guest replied
    Server should be one of the default fields for Events. Go to Tools->Settings->Display, change the Display Mode to Events and make sure Server is at the top.

    I'll have to do some testing on the other issue.

    Leave a comment:


  • dhotan
    Guest started a topic Unable to view detail of event logs Events/ForwardedEvents

    Unable to view detail of event logs Events/ForwardedEvents

    Hyena v9.0 'D'

    I have a Windows 2008 R2 server that is running Microsoft Event Collection Service. It populates log Events/ForwardedEvents.

    Issue #1. Since each event in this log comes from many servers, we need to see a "Server" column in Hyena (right pane) to know which server the event occured on.

    Issue #2. When double-clicking on an event in ForwardedEvents log, this error messag appears:
    "Error getting next event log 'System' entry on 'servername'. No more data is available".

    Thank you.
Working...
X