Event viewer not consistent

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I'm running Win2K Server sp4 w/latest updates and SAV Corp Edition 8.1 running (indications are virus free). My problems are these:
1. On one DC, I've noted that the log files are consistently empty...even after I force a network event. Don't understand why I can't see the log files. It's as if they are being instantly cleared or are not running, but Services indicates that the Event routine is running normally.

2. On another DC, I execute the Event Viewer and note that the System Log has 2,285 events but displays nothing....even after 1 hour of waiting for screen to possibly catchup. What's even stranger than that, when I select any other log all events now read 0, and when I return back to the System Log, it now reads 0 (empty).

Has anyone seen this before? Any help would be greatly appreciated as I am going nuts trying to figure this one out.

Please send responses to (e-mail address removed)
Thank you,
ME
 
Possible the *.evt files are corrupt. Control Panel|Administrative
Tools|Services|Event Log Service|General, set the "Startup Type:" to
"Disabled" restart the pc, then delete (or move) the corrupt *.evt files
from %windir%\system32\config then set the Event Log Service "Startup Type:"
back to "Automatic", restart for effect.


--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft MVP [Windows NT/2000 Operating Systems]

Mark Estridge said:
I'm running Win2K Server sp4 w/latest updates and SAV Corp Edition 8.1
Click to expand...
running (indications are virus free). My problems are these:
1. On one DC, I've noted that the log files are consistently empty...even
Click to expand...
after I force a network event. Don't understand why I can't see the log
files. It's as if they are being instantly cleared or are not running, but
Services indicates that the Event routine is running normally.
2. On another DC, I execute the Event Viewer and note that the System Log
Click to expand...
has 2,285 events but displays nothing....even after 1 hour of waiting for
screen to possibly catchup. What's even stranger than that, when I select
any other log all events now read 0, and when I return back to the System
Log, it now reads 0 (empty).
Has anyone seen this before? Any help would be greatly appreciated as I
Click to expand...
am going nuts trying to figure this one out.
 
This problem has been reported many times.

I also had it with a SP4 machine. The fix works -- but in my case the
problem recurred in a week or so. I found that by changing the default
properties of each event log to "overwrite events as needed", the problem
was permanently solved.

On my machine this property defaulted to "overwrite events older than 7
days". I suspect there were too many events in that period, which exposed a
bug in Microsoft's code.

Arthur

--
 
Could be although it should have generated an error message at logon "System
(or whatever) Log File is Full"
 
Back
Top