How To Block logging of 405's to Event Log?

Similar Messages

• Date format in log/error messages with Server Event Log

  Hi :)
  I have some question.
  Current Date is printed at tterrors/ttmesg log files to add with "-showdate" option at $TIMESTEN_HOME/info/ttendaemon.options file.
  But date when the TimesTen Server Event Log output is not displayed.
  How to solve these case?
  ====
  ttmesg.log
  ====
  2010-05-17 09:40:00.11 Info: : 7409: maind: done with request #433.1657
  09:40:00.13 Info: SRV: 31875: EventID=16| Connect succeeded from client: ttwell01 (ttwell01); IP address: 218.234.33.27; Client PID: 31870; DSN: ntsdb; UID: timesten
  2010-05-17 09:40:27.84 Info: : 7409: maind got #434.1658, hello: pid=32076 type=utility payload=%00%00%00%00 protocolID=TimesTen 7.0.5.9.0.tt7059 ident=%00%00%00%00
  ====
  ====
  ttendaemon.options
  ====
  # Commented values are default values
  #-supportlog /home/TimesTen/tt7059/info/ttmesg.log
  #-maxsupportlogfiles 10
  #-maxsupportlogsize 0x100000
  #-userlog /home/TimesTen/tt7059/info/tterrors.log
  #-maxuserlogfiles 10
  #-maxuserlogsize 0x100000
  -showdate
  -verbose
  -oracle_home /home/oracle11g
  # Start the TimesTen OracleConnect GUI
  -webserver
  -server 17593
  ====
  OS
  ====
  Red Hat Enterprise Linux AS release 4 (Nahant Update 5)
  Thanks
  GooGyum

  This is an issue that was discussed internally very recently. BUG 9719650 - -SHOWDATE OPTION NOT ENABLED FOR SRV MESSAGES has been logged to track the issue.

• How to write to windows event logs from determinations-server under IIS

  This is just an FYI technical bit of information I wish someone had shared with me before I started trying to write OPA errors to the windows event log... Most problems writing to the windows event log from log4net occur because of permissions. Some problems are because determinations-server does not have permissions to create some registry entries. Some problems cannot be resolved unless specific registry entry permissions are actually changed. We had very little consistency with the needed changes across our servers, but some combination of the following would always get the logging to the windows event log working.
  To see log4net errors as log4net attempts to utilize the windows event log, temporarily add the following to the web.config:
  <appSettings>
  <!-- uncomment the following line to send diagnostic messages about the log configuration file to the debug trace.
  Debug trace can be seen when attached to IIS in a debugger, or it can be redirected to a file, see
  http://logging.apache.org/log4net/release/faq.html in the section "How do I enable log4net internal debugging?" -->
  <add key="log4net.Internal.Debug" value="true"/>
  </appSettings>
  <system.diagnostics>
  <trace autoflush="true">
  <listeners>
  <add
  name="textWriterTraceListener"
  type="System.Diagnostics.TextWriterTraceListener"
  initializeData="logs/InfoDSLog.txt" />
  </listeners>
  </trace>
  </system.diagnostics>
  To add an appender for the windows event viewer, try the following in the log4net.xml:
  <appender name="EventLogAppender" type="log4net.Appender.EventLogAppender" >
  <param name="ApplicationName" value="OPA" />
  <param name="LogName" value="OPA" />
  <param name="Threshold" value="all" />
  <layout type="log4net.Layout.PatternLayout">
  <conversionPattern value="%date [%thread] %-5level %logger [%property{NDC}] - %message%newline" />
  </layout>
  <filter type="log4net.Filter.LevelRangeFilter">
  <levelMin value="WARN" />
  <levelMax value="FATAL" />
  </filter>
  </appender>
  <root>
  <level value="warn"/>
  <appender-ref ref="EventLogAppender"/>
  </root>
  To put the OPA logs under the Application Event Log group, try this:
  Create an event source under the Application event log in Registry Editor. To do this, follow these steps:
  1.     Click Start, and then click Run.
  2.     In the Open text box, type regedit.
  3.     Locate the following registry subkey:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application
  4.     Right-click the Application subkey, point to New, and then click Key.
  5.     Type OPA for the key name.
  6.     Close Registry Editor.
  To put the OPA logs under a custom OPA Event Log group (as in the demo appender above), try this:
  Create an event log in Registry Editor. To do this, follow these steps:
  1.     Click Start, and then click Run.
  2.     In the Open text box, type regedit.
  3.     Locate the following registry subkey:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
  4.     Right-click the eventlog subkey, point to New, and then click Key.
  5.     Type OPA for the key name.
  6.     Right-click the new OPA key and add a new DWORD called "MaxSize" and set it to "1400000" which is about 20 Meg in order to keep the log file from getting too large.
  7.     The next steps either help or sometimes cause an error, but you can try these next few steps... If you get an error about a source already existing, then you can delete the key.
  8.     Right-click the OPA subkey, point to New, and then click Key.
  9.     Type OPA for the key name.
  10.     Close Registry Editor.
  You might need to change permissions so OPA can write to the event log in Registry Editor.  If you get permission errors, try following these steps:
  1.     Click Start, and then click Run.
  2.     In the Open text box, type regedit.
  3.     Locate the following registry subkey:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
  4.     Right-click the EventLog key, select Permissions.
  5.     In the dialog that pops up, click Add...
  6.     Click Advanced...
  7.     Click Locations... and select the current machine by name.
  8.     Click Find Now
  9.     Select both the Network user and IIS_IUSERS user and click OK and OK again. (We never did figure out which of those two users was the one that fixed our permission problem.)
  10.     Change the Network user to have Full Control
  11.     Click Apply and OK
  To verify OPA Logging to the windows event logs from Determinations-Server:
  Go to the IIS determinations-server application within Server Manager.
  Under Manage Application -> Browse Application click the http link to pull up the local "Available Services" web page that show the wsdl endpoints.
  Select the /determinations-server/server/soap.asmx?wsdl link
  Go to the URL and remove the "?wsdl" from the end of the url and refresh. This will throw the following error into the logs:
  ERROR Oracle.Determinations.Server.DSServlet [(null)] - Invalid get request: /determinations-server/server/soap.asmx
  That error should show up in the windows event log, OR you can get a message explaining why security stopped you in "logs/InfoDSLog.txt" if you used the web.config settings from above.
  http://msdn.microsoft.com/en-us/library/windows/desktop/aa363648(v=vs.85).aspx
  Edited by: Paul Fowler on Feb 21, 2013 9:45 AM

  Thanks for sharing this information Paul.

• How can I turn off Event ID 5156 AND 5145 in the Security Event Log?

  Hi,
  I have a high volume web service.   Everytime there is a connection from the outside, it logs this in my security event log.
  I want to turn this off.
  How can I stop the logging of event id 5156 on the web server and 5145 on the file server?
  Thanks!
  Dane!

  Hi,
  Thanks for posting in Microsoft TechNet forums.
  The problem can be related to Audit settings. Please check the following threads to see if the information can be useful during the troubleshooting:
  auditing file share on windows 2008 R2
  http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/9e633bad-cda6-4ec4-8f04-c01de57ce767
  Event ID 5156 filling up event logs. Probably due to anti-virus software (SEP 11)
  http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/8044fb62-f5ea-45b5-b717-3f6592af77e0
  Regards
  Kevin
  TechNet Subscriber Support
  If you are
  TechNet Subscription user and have any feedback
  on our support quality, please send your feedback here.

• Big Events.log in $COMMON_TOP/admin/log

  Hello,
  I have noticed there are always many logs in the $COMMON_TOP/admin/log. Apart from the concurrent managers logs etc, there are those Events.logs which can grow to any size as long as the apps keeps running.
  New ones are however created upon restart of apps and I can clear the old ones.
  I will like to reduce what is written to the Events.log so that they do not grow too big. Can someone let me how to do this or point me to an article on these logs?
  Regards

  I have found the solution I wanted and I think it may be useful to someone later and that is why I am posting this.
  Those LARGE eventxx.logs under $COMMON_TOP/admin/log are Fulfillment Server logs and looking through them, I don't really know their benefits and I have been deleting them but I can swtich off the loggings now.
  This is detailed in the metalink note ID 601375.1
  I got this when I came across this link on the internet:
  http://newappsdba.blogspot.com/2008/12/huge-eventslog-files-in-applcsfappllog.html
  Regards
  Edited by: user12191278 on 18-Jan-2010 05:24

• Clear Event log

  Hi all,
  We have almost 1500 clients (win7 system) in LAN environment and our requirement was we need to clear event logs older than 7 day's in all client system,
  Pls confirm and group policy or script available for that.
  Thanks, Mariappan Shanmugavel

  Greetings!
  I am not sure if it is practical to have a script to search for old event logs and clear them. Also it may create performance issues because the event logs should be queried and check conditions for that, then move for removal process. Why not to use retention
  for this? configure retention for 7 days and there will be no log older that that.
  Event Logging policy settings in Windows Server 2008 and Vista
  Regards.
  Mahdi Tehrani   |  
    |  
  www.mahditehrani.ir
  Please click on Propose As Answer or to mark this post as
  and helpful for other people.
  This posting is provided AS-IS with no warranties, and confers no rights.
  How to query members of 'Local Administrators' group in all computers?

• IPS event log size

  Hi everyone,
  I have a very "interesting" que from my customer.
  He is asking me how much disk space is needed for an event log. Just one event log. Because I told him that IPS itself has limited space for logs and to archive it, please use IME installed on a server.
  Does anyone know how much disk space is taken up for a single event log? LOL
  Regards

  There is no fixed size. Different types of events will contain more or less data. If you turn on packet captures, the size will be much larger as well.
  - Bob

• Allow Non-Administrator accounts to create event sources and write to event logs

  We are setting up BizTalk 2013 in Windows Server 2012 and one of the requirements is to allow the service account to create sources and write in event logs (Application) of the BizTalk servers. We have found what it seems to be a simple solution for this
  without giving service accounts local admin rights.
  Give Full control for the following registry keys to the service accounts or groups to allow creating of event sources and write to event logs:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security
  Note: when changing permissions for EventLog key, the child keys will inherit the permissions by default except Security key which must be done manually.
  Initial tests using a .net test app seems to work as expected. New event sources are being created in the event logs and writing to the event logs after that works perfectly.
  The above method has been deployed in production and this is the most suitable solution for us.

  Hi Keong6806,
  Thanks a lot for posting and sharing here.
  Do you have any other questions regarding this topic? If not I would change the type as 'Discussion' then.
  Best Regards,
  Elaine
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• LocalDrive, remoteDrive error being logged to Windows Application event log

  Post Author: yday
  CA Forum: Data Integration
  Hi all,We are finding the following error messages being constantly logged to the Windows application event log:Event ID: 4096Source: Data Integrator"The error: localDrive: LocalDrive1; localDriveValue:  "andEvent ID: 4096
  Source: Data Integrator
  "The error: remoteDrive: RemoteDrive1; remoteDriveValue: "Another user noted as having the same problem in the old BO Support Forum:http://support.businessobjects.com/forums/message.asp?fid=568&mid=171195  We are also running Data Quality XI R2 (11.5.1.0) on the same server.  This problem has been happening for as long as I can remember.  It does not appear to cause any jobs to fail, but we would like to resolve this to prevent error messages being logged to computer management. Can anyone suggest a solution?  Product: Data Integrator XI R2
  Version: 11.7.0.0
  Patches Applied: None
  Operating System(s): Windows Server 2003 w SP1
  Database(s): Oracle 10gR2
  Error Messages: remoteDrive, localDrive error (as above)Steps to Reproduce: Restart the job server and the error appearsThanks and regards,York DAY

  Post Author: yday
  CA Forum: Data Integration
  Ben,
  I have just installed DI 11.7.2.0 and it is still an issue!  The bug has not been listed in the release notes in either the resolved issues section, or the known issues section.
  Australia support told me it would be fixed in the next service release.  This was well before 11.7.2.0 was released.
  I've opened another support case as I closed the last one, believing it was resolved.  From our perspective, it is not even being shown as a known issue with the product at this stage - so I will be keeping my support issue open this time until I see it is fixed.
  My support case number is 302810798 FYI.
  Rgds,York

• LYNC 2013 Event Logging Parameters for LYNC server logs

  Hi,
  We have LYNC server 2013 enterprise voice. We have third party Monitoring server to monitor the event logging.
  Do we have default event logging parameters for LYNC Server logs in LYNC 2013?
  Thanks
  jitender

  There's really just the default level of logging for Lync Server Event Logs.  For individual call troubleshooting you might use the debug logger, and for longer term troubleshooting you'd deploy the Lync Monitoring role.  The monitoring role, service
  status, and performance monitor counters are what you really want to be monitoring if you're watching your Enterprise Voice deployment.
  If I understand the question, there isn't a way to turn up the amount of logs generated in the Lync event logs or change parameters around this. 
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications

• WSA s170 - How to block skype and download

  Hi,
  I recently changed my proxy solution from BlueCoat ProxySG to Cisco WSA but I'm finding some difficulties to operate the appliance. 
    a - I can't have multiple defaults route
    b - How can I block skype traffic?
    c - How can I block download
    d - No graphical interface for logging
  I hope some here can help me. Because I don't know yet if it was a good choice change the solution that used to work like a charm.
  If some one can also point the other good things I can do with this appliance should be good.
  Best regards,
  Alcides 

  It sounds like it may be best for you to reach out to the sales person that sold you this appliance.  But some quick answers for you:
  a) You can go to Network > Routes.  You can set routes based on destinations.  What exactly are you trying to do with multiple default routes?  Are you trying to get some kind of fail-over setup?  If so, this cannot be done.  You can contact TAC and ask that they submit a feature request for this.
  b) Skype can be blocked by the WSA, but after Skype determines that it cannot logon via port 80 or 443, it will start trying every port ever existed until it gets access.  Are you ready to block all other ports at the firewall?
  c) You can block a download by file types under Access Policies > Mime Type.
  d) There is web tracking.  But if you want to view live logs in the GUI, that is not available.  Consider contacting TAC and asking for a feature request as well.
  It sounds like you are very used to the Bluecoat.  Different products will have different features. 

• How to block yahoo new messenger option in mail beta

  Hi,
  Anyone know how to block yahoo's new option of messenger being in the
  yahoo mail beta? I know we could just block access to yahoo mail, but
  that hasn't been a real problem at this point (according to our logs
  anyway) but now that messenger has been added there, it certainly could
  become a problem.
  Have already blocked webmessenger for yahoo and msn, are there others
  now? we have the other general blocks for the clients (port
  redirections etc)
  Thank you,
  Mike

  Mike,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp
  - Check all of the other support tools and options available at
  http://support.novell.com.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://support.novell.com/forums)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://support.novell.com/forums/faq_general.html
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• How to block email

  how to block an  email address from sending me email? 

  Try this link
  My Verizon Online Sign In - Verizon Wireless
  Otherwise search for internet spam blocking in the I Want To box once logged in
  There are check boxes for block all text messages sent from email and block all text messages sent from web.
  Or you can block specific email addresses if you think that would work for your situation.

• HT201472 i m Al thaf  my iPhone 4s is lost how to block total e tideways this career at&t unlock i m sent in sri lanka this dwayside  active thes phone ime:013030000145542 pls help me

  i m Al thaf  my iPhone 4s is lost how to block total e tideways this career at&t unlock i m sent in sri lanka this dwayside  active thes phone ime:013030000145542 pls help me

  So the bottom line is, you've run into Activation Lock. You have no options other than to get those original credentials. (I have to admit I did not read your too-long story) You don't need his password, he just needs to log into icloud.com with his credentials and remove the device in question from Find My iPhone.
  http://support.apple.com/kb/PH13695

• How to block on account payment for certain user

  Dear All,
     We are looking to implement a policy on how to block certain users not to be able to take on account payment. One more query is it possible to disable a field. I want to disable the field "Payment on account" in the Incoming Payments. Please advice

  Hi,
  Sue below code in transaction notification procedure,Change userid =1 to user id for user ou want to block payment on account
  IF @Object_type = N'24' and @transaction_type = N'A'
  BEGIN
  if exists (SELECT    ORCT.DocEntry from ORCT
                       WHERE (ORCT.PayNoDoc='Y' and ORCT.UserSign=1) and ORCT.DocEntry  = @list_of_cols_val_tab_del
  begin
          select @error =14
     select @error_message = 'Cannot make on account payments '
  end
  END
  Thanks,
  Neetu