0 votes
0 answers
53 views

I have been trying to minimize the logs sent to SIEM by filtering them at the source. You can find the filter I used below. It is long. Instead of using a long <Select> statement with inverted ...
Zafer Balkan's user avatar
0 votes
0 answers
61 views

I wrote an event log manifest file with a provider and channel. Now I have to split it into different event sources, and I am a little bit confused about how to do this. What part of manifest becomes a source ...
drem1lin's user avatar
  • 389
0 votes
3 answers
797 views

I have quite a usual task for every sysadmin: to audit access to certain folders on a fileserver during the last, e.g., 1 day. But in addition I need to rule out access attempts from certain processes. What ...
GregoryA's user avatar
1 vote
1 answer
3k views

I'm recently using ETW to collect events from builtin providers. I use logman to consume events and save them to a .etl file, like this: logman create trace evt -p Microsoft-Windows-RPC -ets ... After ...
1c3's user avatar
  • 11
0 votes
1 answer
1k views

An EventLog was exported from a server to a file named Exported_ErrorLog.evtx. I would like to filter all entries created in 2023 group by Text <EventData><Data> (see xml below) and count ...
surfmuggle's user avatar
  • 6,040
0 votes
1 answer
162 views

I have WiX 4.0 project. I'm using Util to create Windows EventLog event source. The problem is, the Registry entry to the EventMessageFile gets the path prepended with "#%". Therefore, the ...
Daniel Schmid's user avatar
-2 votes
1 answer
1k views

The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing. None of my process creation events are being logged. All these logs ...
Selva Kumaresan's user avatar
0 votes
0 answers
72 views

I have two properties of type IDictionary<string, Object>: ConfigProperties and CustomProperties. Both have the same values set to them. But one is set through a constructor and the other is ...
Ahune ajé o ahe's user avatar
0 votes
0 answers
436 views

It is about collecting logs of Event Viewer from the remote machine. I have tried the Event Logging API so far. Though it works well reading logs from the localhost, it failed to read from remote ...
Shyaam sundar's user avatar
1 vote
1 answer
489 views

After enabling logging of the SignalR component by adding a <system.diagnostic> section to the web.config of my app, I've experienced the following problems: if logging is configured to log ...
Manfred's user avatar
  • 11
1 vote
2 answers
206 views

Does anyone have an idea why the '.NET Runtime' Event source does not behave like a normal event source? var logCheckOne = EventLog.Exists(".NET Runtime"); var logCheckTwo = EventLogSession ...
Bitfiddler's user avatar
  • 4,212
2 votes
0 answers
240 views

I am trying to read an exported evtx event log file in an Azure Function. I receive the file content as a byte array and then write to a temporary file. I then try to create an instance of ...
robhurry's user avatar
0 votes
1 answer
596 views

Can anyone tell me if there is any inbuilt module or way to fetch the event traces from event viewer in Angular 2+? Like how we use system diagnostics Eventlogs extension to fetch traces in C#. Thanks in ...
Naveen's user avatar
  • 5
1 vote
1 answer
1k views

My BAT file (below) runs perfectly when I run it from an elevated command prompt or Right-Click -> Run as Administrator. However, when I put it in my Windows 10 Task Scheduler, it will not run. What ...
JasonRobi's user avatar
0 votes
1 answer
2k views

I am trying to read windows event logs for: "Microsoft-Windows-Sysmon/Operational" I tried: string eventLogName = "Microsoft-Windows-Sysmon/Operational"; EventLog eventLog = new ...
Rahul's user avatar
  • 21
