Jump to content


Photo

how it works Event Log Manager...


  • Please log in to reply
2 replies to this topic

#1 Novikov Dmitriy

Novikov Dmitriy

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 14 November 2012 - 06:53 AM

Решили посмотреть програмку Event Log Manager. Но она что то не работает или может так и надо?

В папке "c:\ProgramData\NetWrix\Management Console\Data\sessions\New_x0020_Computer_x0020_Collection" создаются файлы с таким содержимым:
In the folder "c:\ProgramData\NetWrix\Management Console\Data\sessions\New_x0020_Computer_x0020_Collection" creates a file with the following content:
<?xml version="1.0" encoding="utf-16"?>
<Session>
  <Computers />
  <IsHiddenSession>true</IsHiddenSession>
  <ManagedObjectName>New_x0020_Computer_x0020_Collection</ManagedObjectName>
  <Name>7 ноября 2012 г. at 9:37:12</Name>
  <Status>ssFatalError</Status>
  <ErrorText>EventCollector has no reports</ErrorText>
  <DateTimeGenerated>2012-11-07T05:37:12.1684764Z</DateTimeGenerated>
</Session>

В файле "c:\Program Files (x86)\Event Log Manager\Tracing\EventManager-New_x0020_Computer_x0020_Collection.log"
In the file "c:\Program Files (x86)\Event Log Manager\Tracing\EventManager-New_x0020_Computer_x0020_Collection.log"
EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:27:08] Data collection completed successfully.
EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:27:09] Reading flag_notify, last notify time: 11/07/2012 03:07:13 EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:27:09] End notifier EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:00] Tracing started. OS version: Microsoft Windows 7 Корпоративная  Service Pack 1 OS Architecture: 64-bit, Machine: DIMON, Username: BSS\novdi, Interactive: True, CPU count: 2, CLR version: 2.0.50727.5456, UTC: 3, DLST: False, Assembly File version: 4.0.263.0 EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:00] .NET Versions are accessible : CDF N/A; 2.0.50727.5420; 3.0.30729.5420; 3.5.30729.5420; v4 N/A; v4.0 N/A EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:00] EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:00] Program start.
EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:00] Agrs in command-line: -profile=New_x0020_Computer_x0020_Collection
EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:00] ELM version is: freeware EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:01] The key Database Settings allready created - skipped EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:01] DateBase registry keys was checked.
EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:01] Start notifier EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:01] TaskInfo configuration:
	 Enabled: True
	 Repository path: C:\ProgramData\NetWrix\Management Console\Data
	 Use agents: True
	 Use long-time audit archiving: False
	 Daily report time: 03:00:00
	 Shared objects: 
		Source: 'msk-dc.bss.lan'   Platform: 'Windows Server'
		Source: 'msk-bdc.bss.lan'   Platform: 'Windows Server'

EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:01] Using agents EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:01] Start collect data EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:01] OS checking EventManager.exe Error: 0 : [TID: 1, Time: 07.11.2012 9:37:11] Collecting error: System.ArgumentNullException: Значение не может быть неопределенным.
Имя параметра: path1
   в System.IO.Path.Combine(String path1, String path2)
   в #=qms_n_5GO5mkxnUPnaC_4EwdPkFg3wkvKej7uPVlLai8=.#=qvHxtYlrsIKk9qOv3UcTc1A==()
EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:11] End collect data EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:11] Managing old files EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:11] Saving all logs name to xml EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:12] GenerateHiddenSessions() start EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:12] GenerateHiddenSessions() finish EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:12] Reading flag_notify, last notify time: 11/07/2012 03:07:13 EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:12] need merging is false because of: System.NullReferenceException: В экземпляре объекта не задана ссылка на объект.
   в NetWrixLib.SharedMemory.SharedMemoryClass.#=qYiEGAuRi8Hw_lrWoQhkzwA==()
   в NetWrixLib.SharedMemory.SharedMemoryClass..ctor(String _variable_name)
   в #=qms_n_5G05mkxnUPnaC_4EwdPkFg5wkvKej7uPVlLai8=.#=qQP_PPPOSrk4j$WLIMVV2wA==(String[] #=qBkSl7Uku3124bdSVrJ8A0A==) EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:12] Data collection completed successfully.
EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:13] Reading flag_notify, last notify time: 11/07/2012 03:07:13 EventManager.exe Information: 0 : [TID: 1, Time: 07.11.2012 9:37:13] End notifier
В базе знаний не нашел решения...
In knowledge base not found a solution...

#2 Administrator

Administrator

    Administrator

  • Root Admin
  • PipPip
  • 26 posts
  • Gender:Male

Posted 28 November 2012 - 11:47 AM

Дмитрий, спасибо за вопрос. Фрагмент лога, присланный Вами, показывает, что вы используете бесплатную версию продукта, и что возникает Fatal Error.

Для решения проблемы нам необходима дополнительная информация: содержимое папок Tracing, Rules и Data (находящихся в папке установки продукта), а также экспорт ветки реестра HKLM\Software\Wow6432Node\NetWrix\Event Log Manager\. Заархивируйте папки и экспорт ветки реестра в один архив и отправьте этот архив нам. (Для отправки воспользуйтесь следующей ссылкой: http://www.netwrix.com/upload , в поле Subject укажите "ELM forum_VD")

#3 vtodorov

vtodorov

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 24 April 2017 - 06:25 AM

Hi Team,

 

I am also testing the freeware edition. 

 

I am collecting logs and can read them from the 'Viewer'.

The scheduled daily summary reports get sent and received but they do not contain any information about the events registered. 

 

The email summary looks like this:

NetWrix Event Log Manager: Summary Report 

Event log collection completed successfully.

 

Is this by design ?






0 user(s) are reading this topic

0 members, guests, anonymous users