Events that are being left out from eventlog

Hello all.


I have a problem with Snort and a few other monitoring programs that write to the Eventlog: ManageEngine is not able to parse or read those messages.

For example, Snort is writing messages like this:

The description for Event ID ( 1 ) in Source ( snort ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: [1:1448:13] MISC MS Terminal server request [Classification: Generic Protocol Command Decode] [Priority: 3]: {TCP} xx.xxx.xx.xx:1140 -> xx.xxx.xx.xx:3389.

Before, this wasn't a problem, but with the latest version of EventLog Analyzer I'm getting these messages parsed as empty messages:

Source Type EventId Message Time
    
" " 07 Dec 2009, 15:47:00
" " 07 Dec 2009, 15:46:42
" " 07 Dec 2009, 15:46:42
" " 07 Dec 2009, 15:46:42
" " 07 Dec 2009, 15:46:42

Any help would be appreciated because I have alerts based on the content of the messages from the eventlog.
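
An added example (not part of the original post, and not ManageEngine or Snort code): a parser that pulls the Snort alert fields out of the fallback event text quoted above and returns None for an empty message, so a monitoring script can flag events whose content went missing. The function names and the documentation-range IP addresses in the sample are assumptions.

```python
import re

# Text that precedes the raw event strings when the event source has no
# registered message DLL, as quoted in the post.
FALLBACK_MARKER = "The following information is part of the event:"

# Snort alert layout as it appears in the post:
# [gid:sid:rev] message [Classification: ...] [Priority: n]: {PROTO} src -> dst
ALERT_RE = re.compile(
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+"
    r"(?:\[Classification:\s*(?P<classification>[^\]]*)\]\s*)?"
    r"(?:\[Priority:\s*(?P<priority>\d+)\]\s*)?:?\s*"
    r"\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>\S+?)\s+->\s+(?P<dst>\S+?)\.?\s*$"
)

def split_endpoint(endpoint):
    """Split 'addr:port' into (addr, port); port is None when absent (e.g. ICMP)."""
    addr, sep, port = endpoint.rpartition(":")
    if sep and port.isdigit():
        return addr, int(port)
    return endpoint, None

def parse_snort_event(description):
    """Return the alert fields from an event description, or None if absent."""
    # Drop the "description ... cannot be found" preamble when it is present.
    _, found, tail = description.partition(FALLBACK_MARKER)
    match = ALERT_RE.search((tail if found else description).strip())
    if match is None:
        return None  # empty or unparseable message: flag it, do not ignore it
    alert = match.groupdict()
    for key in ("gid", "sid", "rev", "priority"):
        if alert[key] is not None:
            alert[key] = int(alert[key])
    alert["src_ip"], alert["src_port"] = split_endpoint(alert.pop("src"))
    alert["dst_ip"], alert["dst_port"] = split_endpoint(alert.pop("dst"))
    return alert

# Constructed sample: the event text from the post, shortened, with its masked
# addresses replaced by documentation-range IPs.
SAMPLE = (
    "The description for Event ID ( 1 ) in Source ( snort ) cannot be found. "
    "The following information is part of the event: [1:1448:13] MISC MS "
    "Terminal server request [Classification: Generic Protocol Command Decode] "
    "[Priority: 3]: {TCP} 192.0.2.10:1140 -> 198.51.100.20:3389."
)
```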





