Home

Forums
       Operations Manager
       MP Development
       Config Manager
       CP Development
       Data Protection Mgr
       Essentials (SCE)
       Hyper-V
       SCVMM
       Service Manager
       Cross-Platform

Articles
       Operations Manager
       MP Development
       Config Manager
       CP Development
       Data Protection Mgr
       Essentials (SCE)
       SCVMM
       Hyper-V
       Virtualization
       Service Manager
       Cross-Platform

Downloads
       Operations Manager
       Config Manager
       Data Protection Mgr
       Essentials (SCE)
       SCVMM
       Scripts
          Samples (SCOM 2007)
       Service Manager
       Cross-Platform

Pack Catalog
       MP Catalog
       CP Catalog

WIKI

Community
       Blogs
       Community Feedback

User Groups
       Arizona Systems Management User Group
       Atlanta Systems Management User Group
       Microsoft Enterprise Management User Group (Denver
       System Center Professional's User Group of Jax (Fl
       New York System Center User Group
       Portland EPG System Center User Group
       Northwest System Center User Group (Seattle)
       System Center User Group (Netherlands)
       System Center User Group (Belgium)
       System Center User Group (Malaysia)
       System Center Virtual User Group
       Powershell Virtual User Group

RSS Feeds

Web/Podcasts
       Virtualization
       Essentials (SCE)
       SCVMM
       Hyper-V
       Data Protection Mgr
       Operations Manager
       Config Manager

Events
Corrupt Event Log Alert
Home  » Operations Manager  » Corrupt Event Log Alert

Corrupt Event Log Alert
Posted: Tue, Jan 19, 2010 2:29 PM :: Rank: 0
Author
Points: 4551
Level: System Center Specialist

back in mom 2005 there was an alert when an agent's windows event log became corrupted. i assume because scom doesn't use used the event logs asheavily as mom, this rule/monitor was left out of scom 2007. whatever the reason, i dont'  see this alert in scom. i have a machine running both agents, and scom makes no note of the system log being corrupt on that machine.

even if scom isn't using the windows logs as much, i'd still like to know if the log is corrupt on a box. am i missing anything or do i need to create a custom monitor for this? if so, any ideas as to how to just check to see if i can read a certain event log?
Reply  
Report Abuse
RE: Corrupt Event Log Alert
Posted: Tue, Jan 19, 2010 3:40 PM :: Rank: 0
Author
Points: 2731
Level: System Center Specialist

Hello,

There are a number of monitors for checking the event log.  There are:

  • Failed Accessing Windows Event Log
  • Many Corrupt or Unreadable Events
  • Processing Backlogged Events Taking a Long Time

  • Unable to Process Windows Event Log

All these monitors are targeted at the Health Service class and are enabled by default.  Do these cover what you after?

David

Accepted Answer
Reply  
Report Abuse
Re: Corrupt Event Log Alert
Posted: Tue, Jan 19, 2010 5:46 PM :: Rank: 0
Author
Points: 4551
Level: System Center Specialist
they certainly would, if they weren't all green in scom even though i can't open the system log. :)

thanks david. now that i know where to look i will do some more investigating. probably something wrong with the agent.
Reply  
Report Abuse

Home  » Operations Manager  » Corrupt Event Log Alert
Tag Cloud
Quick Links
Top Contributors
Pete Zerger
Points: 29130
Level: System Center Expert
Simon Skinner
Points: 24529
Level: System Center Expert
Tommy Gunn
Points: 20757
Level: System Center Expert
Stefan Koell
Points: 12514
Level: System Center Expert
MadHatter
Points: 11676
Level: System Center Expert
    
Copyright 2009 by System Center Central