Why does the output of logparser show
"The description for Event ID 203 in Source "Microsoft-Windows-StorageSpaces-Driver" cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer"
in the message field when exporting EVTX file to CSV? and is there a fix for this?
All the messages you normally see in the Windows Event Viewer are actually format strings stored in DLLs and other binary files that come with the service that logged the event.
For example, when service XYZ wants to log "Cannot connect to 192.168.0.5" to the event viewer, it really logs something like "8843,'192.168.0.5'", where "8843" is the ID of a string that is to be found in a binary registered by service XYZ with the Windows Service Manager; the string would look something like "Cannot connect to %1".
Any application that wishes to report the same strings needs then the ability to access the binaries registered with the Windows Service Manager; often times these binaries cannot be found, for example because the service has been uninstalled, or because the event log has been exported out of its original host, or simply because the application doesn't have privileges to open the binaries.
In your particular case, if you're running LogParser on the same host as the event log, it could be that you need to run as administrator. Also, it could be that the DLLs have themselves long gone - can you see the actual message of that event when you look for it in the Event Viewer?
Related
Hi,
I am getting the below error when trying to update my view . Also, creds manager service is stopped and not getting started.
As long as the credmanager.exe is not started, none of the view (snapshot or dynamic) will work. So you need to debug that first.
Typically, you would check the ClearCase logs, and the Windows event, to see what the issue is. See "how to fix or investigate 'Operation “view_ws_is_ws_view” failed'?", using cleartool getlog.
That kind of error ("This application has failed to start becauselibatriaks.dllwas not found. Re-installing the application may fix this problem") was seen with rather old versions of ClearCase (7.0.1).
See for instance this thread.
If the DLL is present and the directory is in your path you should never
get this error.
Check to see how far ...\rational\clearcase\bin is down your SYSTEM path, and make sure the DLL's are in there.
ccgzip.exe will be called (by the client process) when checking in any files that fall back to the "compressed_file" element type. It may be called by the view server during file opens and checkouts to construct cleartext if needed. The former uses your user path, the latter will normally use the SYSTEM path.
We've seen odd behavior on Windows when the path gets >500 characters
long, though there seems to be no "official" limit to the length this environment variable (%PATH%) can grow to.
The error message you see is likely a path issue. Whether that's related to the other issue is unknown...
Is the albd server process running? The credential manager service is flagged to depend on this service. If that service fails to start, or terminates, the credential manager service will also fail.
A service startup failure should be in the Application or System Event logs. and from there the "Troubleshooting albd startup failures" technote on ibm.com would likely be a good place to start.
I've run into a request for a new Nagios monitor to ensure that a system is processing inbound records. The system in question is a Windows box and I'm monitoring several other things there with check_nt. The parameters that I have been given is to check a specific directory and alarm if there are more than 5 files in that directory which is indicative of the MSSQL stored procedure not pulling the files properly.
I have been having no luck finding a complete list of all the options available for check_nt. For instance, I do check a specific log file on another Windows server for activity using the "FILEAGE" option for check_nt but I sure can't find any reference to that any longer and I'm honestly not sure how I found the syntax for that years ago when I initially setup that particular check.
Anyone have any ideas how to get a count of files in a specific directory using check_nt?
I have a simple Windows Form application(WPF) with entity framework. After compiled, only a few files generated:
EntityFramework.dll
EntityFramework.xml
MyApp.exe
MyApp.application
MyApp.exe.config
...
Then I just copy following files to a network shared folder:
EntityFramework.dll
MyApp.exe
MyApp.exe.config
Then I can double click on MyApp.exe from developer computer the launch the app, but can not launch from another end user computer.
How to resolve this problem?
When you double click, app is not launching means certainly it is crashing so type the command eventvwr in run or cmd it'll open the Event viewer in that go to Windows Logs and Click on Application, you can see different levels of logs in that just find the last error log view the details it might help you
Have a look in the event log on the target computer and look at the error that is actually being reported.
It could be a missing installation of the correct version of the DotNet framework as suggested in the comments above, or it could also be that the execution policy of the target computer is preventing the user from running from a network drive (As a developer you probably have admin rights on your local pc allowing you to do this).
Whatever the actual cause you are always better to use some form of installer, rather than this form of putting files on the network (commonly known as xcopy deployment).
Probably the best solution is to use Visual studio to generate you a click once installer and publish it to your network drive. This will then copy the application locally on the users pc and run it from there.
Some of the windows services will start only after restarting the pc where as some start as soon as software is installed.
For example sql server(instance name) will start as soon as it is installed. Some other service requires restart.After restarting that computer it will start appearing in services.msc. Does it done by using registry? I got a link related to registry of services .But i am not able to track which one does it? Is it registry or something else?
(Setting service to manual or automatic is different,my question is about service added during the install of software for the first time)
You shouldn't be directly manipulating the registry to create a service. You should be using the service control manager API's to create and if desired start the service. The registry values are documented but they are still private to the API and only take effect upon reboot. Using the API will take affect immediately and the registry changes are done by the API.
If you are using Windows Installer you can let the installer handle all of this for you by using the Windows Installer's ServiceInstall and ServiceControl tables.
Some services have dependencies on resources that aren't available until after a reboot. One example might be a locked file that will be overwritten during startup via the Pending Files Rename Operations pattern. Another gotcha is if the service has a dependency on a system environment variable. After updating the registry to set the environment you are supposed to send a message to the broadcast address informing all processes on a settings change. Unfortunately the service control manager ignores these messages so it takes a reboot to catch up.
Other examples would be on a case by case basis.
The scenarios is:
IBM WMB V8 running on linux has a list of user id's given to it in an MQ message. For each user id I need to connect to a windows box (samba share probably) and then pass this user id to a windows executable i.e.
C:\temp\command.exe 1234
C:\temp\command.exe 5678
the output from this command will return an image of this user from a database output to a directory.
WMB then goes and retrieves this image and somehow maps (user id => image) and updates a database somewhere.
Is this scenario possible in WMB without involving some other processor on the windows machine?
I can't see any nodes to help with this and I'm expecting i'll have to dump the userid list in a file and use perl or similar to process the command & image capture and return these to WMB as a message or something.
Regards,
Sapatos
Seems like a hard task. You can call arbitrary C-code and code custom nodes in C, so it's not impossible, since you could probably do most things with C and the Internet of libraries.
It seems like you would save yourself months of trouble by setting up a simple service on the windows box, for instance something listening to MQ, invokes the command then replies with the image.
You have not missed any thing. There are not any built in functionallity in WMB for this task. At least not when running on non windows platforms.