Large number of event Log entries: connection open...

Similar Messages

• Create an Event log entry in Event Viewer in Windows 7, when processor exceeds a set percentage of usage

  Hi, I am trying to create an Event log entry in Event viewer in Windows 7 when the processor exceeds a set percentage of usage. I have unsuccessfully tried doing this through a Data Collection Set in the User Defined folder to monitor CPU usage
  and to trigger an Alert and log an entry when the CPU exceeds a set percentage of usage.  Any suggestions, and please if possible keep them simple and easy to follow, I am not to familar with Windows 7.  

  Hi, I am trying to create an Event log entry in Event viewer in Windows 7 when the processor exceeds a set percentage of usage. I have unsuccessfully tried doing this through a Data Collection Set in the User Defined folder to monitor CPU usage
  and to trigger an Alert and log an entry when the CPU exceeds a set percentage of usage.  Any suggestions, and please if possible keep them simple and easy to follow, I am not to familar with Windows 7.  

• HH3 event log entries?

  Can anyone tell me what's going on with my hub's firewall as there suddenly seem to be a lot of unusual entries, as well as a large number of blocked outgoing packets. What is "ath3" and "OpenWifi IPsec"?
  16:58:34, 27 Mar.
  BLOCKED 43 more packets (because of Advanced Filter Rule)
  16:58:33, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [fe80:0000:0000:0000:414c:062b:ddbf:1bee]:56097->[​ff02:0000:0000:0000:0000:0000:0001:0003]:5355 on ath3)
  16:58:33, 27 Mar.
  BLOCKED 21 more packets (because of Advanced Filter Rule)
  16:58:32, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [10.182.64.138]:137->[10.182.64.143]:137 on ath3)
  16:58:32, 27 Mar.
  BLOCKED 25 more packets (because of Advanced Filter Rule)
  16:58:31, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [10.182.64.138]:137->[10.182.64.143]:137 on ath3)
  16:58:31, 27 Mar.
  BLOCKED 151 more packets (because of Advanced Filter Rule)
  16:58:30, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [10.182.64.138]:137->[10.182.64.143]:137 on ath3)
  16:58:30, 27 Mar.
  BLOCKED 39 more packets (because of Advanced Filter Rule)
  16:58:29, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [10.182.64.138]:137->[10.182.64.143]:137 on ath3)
  16:58:29, 27 Mar.
  BLOCKED 83 more packets (because of Advanced Filter Rule)
  16:58:28, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [10.182.64.138]:138->[10.182.64.143]:138 on ath3)
  16:58:28, 27 Mar.
  BLOCKED 89 more packets (because of Advanced Filter Rule)
  16:58:27, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [10.182.64.138]:137->[10.182.64.143]:137 on ath3)
  16:58:27, 27 Mar.
  BLOCKED 55 more packets (because of Advanced Filter Rule)
  16:58:26, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [10.182.64.138]:137->[10.182.64.143]:137 on ath3)
  16:58:26, 27 Mar.
  BLOCKED 78 more packets (because of Advanced Filter Rule)
  16:58:25, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [fe80:0000:0000:0000:414c:062b:ddbf:1bee]:1900->[f​f02:0000:0000:0000:0000:0000:0000:000c]:1900 on ath3)
  16:58:25, 27 Mar.
  BLOCKED 15 more packets (because of Advanced Filter Rule)
  16:58:25, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [10.182.64.138]:1900->[239.255.255.250]:1900 on ath3)
  16:58:25, 27 Mar.
  BLOCKED 58 more packets (because of Advanced Filter Rule)
  16:58:24, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: UDP [10.182.64.138]:1900->[239.255.255.250]:1900 on ath3)
  16:58:21, 27 Mar.
  BLOCKED 52 more packets (because of Advanced Filter Rule)
  16:58:19, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: IGMP 10.182.64.138->224.0.0.22 on ath3)
  16:58:19, 27 Mar.
  BLOCKED 10 more packets (because of Advanced Filter Rule)
  16:58:19, 27 Mar.
  OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath3_out/rule/0: IGMP 192.168.1.86->224.0.0.22 on ath3)
  16:57:58, 27 Mar.
  IN: BLOCK [15] Default policy (TCP [108.61.8.197]:80->[109.154.74.144]:1234 on ppp1)

  Hi benjp88,
  Another forum user has discussed this before and that seems to be just a log of the firewall working as it should.  Check out this forum post for more info.
  Cheers
  Neil
  BTCare Community Mod
  If we have asked you to email us with your details, please make sure you are logged in to the forum, otherwise you will not be able to see our ‘Contact Us’ link within our profiles.
  We are sorry but we are unable to deal with service/account queries via the private message(PM) function so please don't PM your account info, we need to deal with this via our email account :-)
  If someone answers your question correctly please let other members know by clicking on ’Mark as Accepted Solution’.

• Large number of events (.ics files) caused our problems

  We were plagued with iCal server issues for over a year. iCal server would stop serving to clients, hang, eat CPU time, et al. I had experienced many of the errors in the logs reported her.
  One calendar had over 8000 events in it. We archived older events & put them in a local iCal calendar (since they're static), this lowered the # of events to below 2000. All the iCal server problems instantly and permanently disappeared.
  I had noticed that certain UNIX commands failed in the 8000+ events calendar's directory because of the large number of files (too many arguments error). For example, cat *.ics > All1.txt failed.
  Perhaps Python is similarly limited or the iCal code calls UNIX commands that are barfing because of the number of files.
  If you're having issues and have a calendar with over 2000 or so events, you may want to try breaking up the calendar to see if that fixes the problems.
  Sam

  Hi,
  Firstly check in your system if the standard job SAP_REORG_SPOOL which will delete the old spool files and this job needs to be scheduled in background on daily basis. Regarding the note its asking to check the patch levels of files which you can check at the os level in kernel directory. I am not much aware of AS400 directory structure, but normally kernle path could be /usr/sap/<SID>/SYS/exe/run, /usr/sap/<SID>/DVEBMGS00/exe. In  these path u can find the patch levels of the files.
  Regards,
  Sharath

• HH3A event log entries - firewall

  I have recently received a replacement hub and in the event log am getting loads of the following entries - is this usual (IP address is my laptop)
  23:59:57, 15 May.
  (458348.960000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->49744, internal ports: 49744, internal client: 192.168.1.64
  23:59:16, 15 May.
  (458308.430000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->49744, internal ports: 49744, internal client: 192.168.1.64
  Also when I do a tracert I get the following as the first line
  1     3 ms     2 ms     1 ms  api.home [192.168.1.254]
  I am only confused because on the old hub the firewall entries were
  20:50:11, 30 Apr.
  BLOCKED 1 more packets (because of Spoofing protection)
  20:50:09, 30 Apr.
  IN: BLOCK [12] Spoofing protection (IGMP 86.157.215.96->224.0.0.22 on ppp0)
  and the tracert was
  1     1 ms    <1 ms    <1 ms  BThomehub.home [192.168.1.254]
  I presume that nothing is amiss
  Solved!
  Go to Solution.

  conrad wrote:
  Many thanks DS - have turned UPnP off.  
  Why is this comment displayed   "It is recommended to keep the Extended UPnP security enabled to ensure the security of your home network." Presumably not having it enabled is ok.
  The spoofing stuff was obviously caused by me switching between wired/wireless as part of my line problems but thanks for the info as no doubt it will occur again.
  No problem
  The extended UPnP is a new item that BT have added to the latest firmware on the hub3. TBH I've not looked in to what this actually means as I've always turned UPnP off, even from when I was using the HH2.
  The spoofing events will return if you flick between each method of connecting, unless you delete the method not in use
  -+-No longer a forum member-+-

• Since applying Feb 2013 Sharepoint 2010 CUs - Critical event log entries for Blob cache and missing images

  Hi,
  Since applying the February 2013 SharePoint 2010 updates, we are getting lots of entries in our event logs along the following:
  Content Management     Publishing Cache         
  5538     Critical 
  An error occurred in the blob cache.  The exception message was 'The system cannot find the file specified. (Exception from HRESULT: 0x80070002)’
  In pretty much all of these cases the image/ file in question that is reported in the ULS logs as missing is not actually in the collaboration site, master page / html etc so the fix needs to go back to the site owner to make the correction to avoid
  the 404 (if they make it!). This has only started happening, I believe since feb 2013 sp2010 cumulative updates updates
  I didn’t see this mentioned as a change / in the Fix list of the February updates. i.e. it flags up a critical error in our event logs. So with a lot of sites and a lot of missing images your event log can quickly fill up.
  Obviously you can suppress them in the monitoring -> web content management ->publishing cache = none & none which is not ideal.
  So my question is... are others seeing this and was a change made by Microsoft to flag a 404 missing image / file up a critical error in event log when blob cache is enabled?
  If i log this with MS they will just say, you need to fix it up the missing files in the site but would be nice to know this had changed prior! I also deleted and recreated the blob cache and this made no diffference
  thanks
  Brad

  I'm facing the same error on our SharePoint 2013 farm. We are on Aug 2013 CU and if the Dec CU (which is supposed to be the latest) doesn't solve it then what else could be done.
  Some users started getting the message "Server is busy now try again later" with a corelation id. I looked up ULS with that corelation id and found these two errors in addition to hundreds of "Micro Trace Tags (none)" and "forced
  due to logging gap":
  "GetFileFromUrl: FileNotFoundException when attempting get file Url /favicon.ico The system cannot find the file specified. (Exception from HRESULT: 0x80070002)"
  "Error in blob cache. System.IO.FileNotFoundException: The system cannot find the file specified. (Exception from HRESULT: 0x80070002)"
  "Unable to cache URL /FAVICON.ICO.  File was not found" 
  Looks like this is a bug and MS hasn't fixed it in Dec CU..
  &quot;The opinions expressed here represent my own and not those of anybody else&quot;

• Database large Number of archive log

  Oracle 11g
  window server 2008 R2
  My database working fine, from last week i have noticed that database generating large no of archive log.
  Database size is 30GB
  Only one table space is 16GB , other tablespaces not more 2 GB.
  I can not figured out why it  generating large no. of archive log. can any one help me to figure out.
  previous week i have only did these changes
  Drop index
  create index
  create new table from existing table.
  nothing else i  did.

  Hi
  As you say workload increases. See when the number of log switches goes high and take an AWR report or statspack report. Check the DML operations. Use below query to chk the log switches
  spool c:\log_hist.txt
  SET PAGESIZE 90
  SET LINESIZE 150
  set heading on
  column "00:00" format 9999
  column "01:00" format 9999
  column "02:00" format 9999
  column "03:00" format 9999
  column "04:00" format 9999
  column "05:00" format 9999
  column "06:00" format 9999
  column "07:00" format 9999
  column "08:00" format 9999
  column "09:00" format 9999
  column "10:00" format 9999
  column "11:00" format 9999
  column "12:00" format 9999
  column "13:00" format 9999
  column "14:00" format 9999
  column "15:00" format 9999
  column "16:00" format 9999
  column "17:00" format 9999
  column "18:00" format 9999
  column "19:00" format 9999
  column "20:00" format 9999
  column "21:00" format 9999
  column "22:00" format 9999
  column "23:00" format 9999
  SELECT * FROM (
  SELECT * FROM (
  SELECT TO_CHAR(FIRST_TIME, 'DD/MM') AS "DAY"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '00', 1, 0), '99')) "00:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '01', 1, 0), '99')) "01:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '02', 1, 0), '99')) "02:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '03', 1, 0), '99')) "03:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '04', 1, 0), '99')) "04:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '05', 1, 0), '99')) "05:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '06', 1, 0), '99')) "06:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '07', 1, 0), '99')) "07:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '08', 1, 0), '99')) "08:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '09', 1, 0), '99')) "09:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '10', 1, 0), '99')) "10:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '11', 1, 0), '99')) "11:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '12', 1, 0), '99')) "12:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '13', 1, 0), '99')) "13:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '14', 1, 0), '99')) "14:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '15', 1, 0), '99')) "15:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '16', 1, 0), '99')) "16:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '17', 1, 0), '99')) "17:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '18', 1, 0), '99')) "18:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '19', 1, 0), '99')) "19:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '20', 1, 0), '99')) "20:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '21', 1, 0), '99')) "21:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '22', 1, 0), '99')) "22:00"
  , SUM(TO_NUMBER(DECODE(TO_CHAR(FIRST_TIME, 'HH24'), '23', 1, 0), '99')) "23:00"
    FROM V$LOG_HISTORY
    WHERE extract(year FROM FIRST_TIME) = extract(year FROM sysdate)
    GROUP BY TO_CHAR(FIRST_TIME, 'DD/MM')
    ) ORDER BY TO_DATE(extract(year FROM sysdate) || DAY, 'YYYY DD/MM') DESC
    ) WHERE ROWNUM <8;
  spool off
  One common mistake is enabling debugging. You can  check in application code if any debugging is enabled. (insert every records for logging or support purpose)
  Regards
  Anand.

• Unidentifiable Event log entries..?

  Hi,
  sorry if this is not the right thread-group to post but I'm losing it.
  I keep getting the following event log descriptions for svcListener and svcListener Prof in my Event log. Does anyone know where this comes from?
  svcListener
  The description for Event ID ( 0 ) in Source ( svcListener ) cannot be found.
  The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer.
  You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details.
  The following information is part of the event: Cannot perform this operation on a closed dataset.svcListener - Prof
  The description for Event ID ( 0 ) in Source ( svcListener- Prof ) cannot be found.
  The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer.
  You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details.
  The following information is part of the event: Exception in Oracle Connection- 12560 EOracleError.Edited by: user574699 on 20-mei-2009 5:53

  Exception in Oracle Connection- 12560 EOracleError.12560, 00000, "TNS:protocol adapter error"
  // *Cause: A generic protocol adapter error occurred.
  // *Action: Check addresses used for proper protocol specification. Before
  // reporting this error, look at the error stack and check for lower level
  // transport errors. For further details, turn on tracing and reexecute the
  // operation. Turn off tracing when the operation is complete.

• Event log entries missing in PoSh but visible in Eventvwr

  Hi,
  I've noticed the following issue on about 10 out of 2500 computers which run a script on our domain, so its minor, but I'd like to understand why its happening.
  When I query the event log using the eventvwr GUI I can filter on event ID 7001 and all the events list fine. However when I run 'get-eventlog -logname system -instanceid 7001' it shows all the events except the last 3 or so most recent ones (which are visible
  in the GUI).
  I've cross referenced this with an event visible in the GUI that had an EventRecordID of 32029. But when querying this via PowerShell 'get-eventlog -logname system -index 32029' it returns 'no matches found'.
  Its a weird problem, because if I was to query to logs in a few hours time after a few more people have logged on/off the computer then the event would show in PowerShell, but the new most recent ones wouldn't.
  Is there a caching mechanism at work, and if so how could I disable it? Its interesting that these machines are all built from the same WDS image with the same GPO's applied but only a very small percentage exhibit this issue, all other machines show recent
  event logs in PowerShell instantly.
  I should also mention that these are all Windows 7 x64 computers.
  Any help appreciated.
  Thanks,
  Phil

  Hi,
  Based on my understanding, only some of your computers have this issue. And when use WMI, we could query all of the events, but when use powershell command, some logs are missing.
  I would like to know that when we use 'get-eventlog -logname system -instanceid 7001| out-file c:\result.txt', how many logs are there?
  What I think it may caused by there are so many logs information, and could not be dispalyed out. We may try some other logs also.
  Regards,
  Yan Li
  TechNet Subscriber Support
  If you are
  TechNet Subscription
  user and have any feedback on our support quality, please send your feedback
  here.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• WMI stops returning event log entries

  A little bit of a strange issues with Server 2008. We've been trying to implement cisco CDA for a customer which uses wmi to read the security log on a DC and then matches the users up with the devices that are connecting to the network. Every week or so
  the CDA would stop receiving mappings from 2 out of 3 domain controllers. Once the wmi service is restarted on the DC the events start going through again.
  I've been able to replicate the behaviour using a script:
  strComputer = "dc-001.domain.local"
  Set objWMIService = GetObject("winmgmts:{(Security)}\\" & _
  strComputer & "\root\cimv2")
  Set colMonitoredEvents = objWMIService.ExecNotificationQuery _    
  ("Select * from __InstanceCreationEvent Where " _
  & "TargetInstance ISA 'Win32_NTLogEvent' " _
  & "and TargetInstance.EventCode=4768")
  Do While True
  Set objLatestEvent = colMonitoredEvents.NextEvent()
  Wscript.Echo objLatestEvent.TargetInstance.User
  Wscript.Echo objLatestEvent.TargetInstance.TimeWritten
  wscript.Echo objLatestEvent.TargetInstance.Message
  Wscript.Echo
  Loop
  This hotfix http://support.microsoft.com/kb/2705357 seems to match what I'm seeing as there
  are no errors ...just no events returned back. Unfortunately installing the hotfix made no difference at all.
  It's also worth noting I can run different wmi queries while the one above isn't working so wmi service is up and running.
  Has anyone else come across this, or have I missed another patch somewhere?

  Hi Kacenka,
  On current situation, please use
  WMI Diagnosis Tool to ascertain the current state of the WMI service. For more details, please refer to the following article.
  WMIDiag 2.1 is here!
  Meanwhile, please post the above script in the
  Official Scripting Guys Forum, then confirm if it can help you to achieve that target correctly.
  If any more detail, please feel free to let me know.
  Hope this helps.
  Best regards,
  Justin Gu

• Wireless ThinkPad 11abgn for Windows XP, 2000 ver.7.4.2.105 - new event log entries since update

  On 10/17/08, I updated my wireless ThinkPad 11abgn driver from version 6.0.3.94 to 7.4.2.105.  The update was a nice improvement as I now connect faster than with the older driver.  However, although no impact to my T60 performance, ever since the new driver was installed, the following has occurred:
  1. A new entry in the Event Viewer called ACS
  2. Multiple "ccxroaming" entries are generated every time my laptop comes out of standby (anywhere from 4 to 7 entries each time!)
  3. Since 10/17/08, I have generated 951 ACS events!!
  For example, this morning, after coming out of standby (AC mode), the following entries were generated from oldest to newest:
  The description for Event ID ( 1 ) in Source ( ccxroaming ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: <15> Oct 28 8:28:57 (my computer name) Wireless Adapter removed...
  The description for Event ID ( 1 ) in Source ( ccxroaming ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: <15> Oct 28 8:28:57 (my computer name) New Wireless Adapter detected..
  The description for Event ID ( 1 ) in Source ( ccxroaming ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: <15> Oct 28 8:29:02 (my computer name) System resumed from suspend state..
  The description for Event ID ( 1 ) in Source ( ccxroaming ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: <15> Oct 28 8:29:02 (my computer name) New Wireless Adapter detected..
  The description for Event ID ( 1 ) in Source ( ccxroaming ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: <15> Oct 28 8:29:03  (my computer name) System resumed from suspend state..
  The description for Event ID ( 1 ) in Source ( ccxroaming ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: <15> Oct 28 8:29:06 (my computer name) Wireless Adapter associated successfully..
  I can understand Lenovo possibly wanting to generate this information when testing a new driver in-house, but does this really need to be passed on the end user?
  T60, 8744-5BU: 2.0 GHz T7200, 4 GB RAM, 15.4" WSXGA+, 1680x1050 ATI Mobility Radeon X1400, Win 7 Ultimate w/SP1 - 64-bit

  I downgraded upower, and it didn't fix the problem, so I re-upgraded it and built/installed xfce4-power-manager-git. It's now reporting the correct battery level but the systray icon is missing (replaced by the 'blank screen' icon).
  EDIT: in fact, no, it's still not reporting correctly.
  Last edited by markhadman (2014-04-19 12:35:08)

• Large number of objets - log miner scalability?

  We have been consolidating several departmental databases into one big RAC database. Moreover, in tests databases we are cloning test cells (for example, an application schema is getting cloned hundred of times so that our users may test independently from each others).
  So, our acception test database now have about 500,000 objects in it. We have production databases with over 2 millions objects in it.
  We are using streams. At this time we're using a local capture, but our architecture aims to use downstream capture soon... We are concerned about the resources required for the log miner data dictionary build.
  We are currently not using DBMS_LOGMNR_D.build directly, but rather indirectly through the DBMS_STREAMS_ADM.add_table_rule. We only want to replicate about 30 tables.
  We are surprised to find that the log miner always build a complete data dictionary for every objets of the database (tables, partitions, columns, users, and so on).
  Apparently there is no way to create a partial data dictionary even by using DBMS_LOGMNR_D.BUILD directly...
  Lately, it took more than 2 hours just to build the log miner data dictionary on a busy system! And we ended up with an ORA-01280 error. So we started all over again...
  We just increased our redo log size recently. I haven't had a chance to test after the change. Our redo log was only 4MB, we increased it to 64MB to reduce checkpoint activity. This will probably help...
  Does anybody has encountered slow log miner dictionary build?
  Any advice?
  Thanks you in advance.
  Jocelyn

  Hello Jocelyn,
  In streams environment, the logminer dictionary build is done using DBMS_CAPTURE_ADM.BUILD procedure. You should not be using DBMS_LOGMNR_D.BUILD for this.
  In Streams Environment, DBMS_STREAMS_ADM.ADD_TABLE_RULE will dump the dictionary only on the first time when you call this, since the capture process is not yet created and it will be created only when you call DBMS_STREAMS_ADM.ADD_TABLE_RULE and a dictionary dump as well. Logminer dictionary will have the information about all the objects like tables, partitions, columns, users and etc.. The dictionary dump will take time depends on the number of objects in the database since if the number of objects are very high in the database then the data dictionary itself will be big.
  Your redo size 64MB and this is too small for a production system, you should consider having a redo log size of 200M atleast.
  You can have a complete logminer dictionary build using DBMS_CAPTURE_ADM.BUILD and then create a capture process using the FIRST_SCN returned from the BUILD procedure.
  Let me know if you have more doubts.
  Thanks,
  Rijesh

• Connection Timeout Expired in Windows Event Logs

  I just recently installed SharePoint 2013 SP1 on a Windows Server 2008 R2 SP1 server and have been receiving this error message in the Windows Event logs:
  Cannot connect to SQL Server.  <database server name> not found.  Additional error information from SQL Server is included below.
  Connection Timeout Expired.  The timeout period elapsed during the post-login phase.  The connection could have timed out while waiting for server to complete the login process and respond; Or it could have timed out while attempting to create
  multiple active connections.  The duration spent while attempting to connect to this server was - [Pre-Login] initialization=12; handshake=6; [Login] initialization=0; authentication=0; [Post-Login] complete=14000;
  I have never seen this error message before in my life on any prior installation of SharePoint that I have ever done.  It is only occurring on this one particular installation of SharePoint.  The environment is corporate built, so I have no idea
  as to how to troubleshoot or determine the root cause of this error message.
  I looked at the value of the database-connection-timeout in stsadm and it gets back a value of 15, however, I am unable to alter the database connection timeout using stsadm since I either get an "Object reference not sent to an instance of an object"
  error message or "This operation can be performed only on a computer that is joined to a server farm by users who have permissions in SQL Server to read from the configuration database.  To connect this server to the server farm, use the SharePoint
  Products Configuration Wizard, located on the Start menu in Microsoft SharePoint 2010 Products."
  Please advise. 

  What is specification of your SQL server? i think its more CPU, RAM, I/O issue with SQL server.
  under which account you are running the stsadm command?
  check this one
  http://stackoverflow.com/questions/21230927/sql-azure-the-timeout-period-elapsed-during-the-post-login-phase
  may be you fall in this bug
  http://connect.microsoft.com/VisualStudio/feedback/details/821803/connection-timeout-expired-the-timeout-period-elapsed-during-the-post-login-phase
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• Event Log Help Links No Longer Working?

  Have the help links in the Windows XP event log entries been discontinued?
  They used to open up the Help and Support Center with further information about the Event Log error if it was available.
  For some time now they have all just given a "page not found" error, which then re-directs to Bing with offered results that are no use at all!
  This happens now on every XP system I've tried it on.
  As a user of Windows 8.1 as well as XP, I'm well aware that the Windows 8 Event Log help links have never worked so far, but the XP ones always did, and despite the looming "End of Support" I can see no reason for all that information to have been
  removed.
  Any explanation for this?
  Thanks, Dave Hawley.

  Hi - thank you DaveHawley for the report. Just wanted to confirm that I've passed this on to the team that looks after the redirect service behind the "More Info" link.
  There have been some major changes in how this redirection works over the years as well as in the last months. The most recent efforts added the option to enable use of the TechNet Wiki [sample]
  to allow the community to comment & contribute for a given component. I'm only guessing here, but this might have accidentally impacted XP.
  Thanks
  Bruno

• Thinking about using the Windows Event Logs as my main log store - looking for pros and cons

  I have been writing some larger scripts that write to physical log files.  Until today I have avoided trying to use the Windows Event logs, but, am beginning to rethink this and wondered if anyone has done this, and, what the strengths and weaknesses
  of this logging approach has been.  If I do it, I will probably write a function that accepts pipelined input and simply pass output to the log.  I wanted to get a feel for what I would be getting into before I started writing things up since this
  will probably take a little bit of work to get set up to run properly.

  At my company we use the Windows event log for many of our batch process logging for several reasons:
  Unlike logging to a central database, the Windows event log is always available. I've seen poorly thought out logging solution which log to a database and if the database happens to be unavailable the batch process would fail.
  Monitoring tool such as SCOM already have Windows event log watchers so adding alerts to take action based on message written to the Windows event log is easy
  Built-in support for writing Windows event log entries in the Powershell V2 write-eventlog cmdlet, a simple CLR can created in SQL Server or even command-line eventcreate.exe
  Easy to create a custom event log so you don't have to use the default application log in Windows 2008 and higher.
  Most shrink-wrap S/W already use the event log
  Issues I've seen:
  Windows 2008 with UAC on requires "registering" i.e. creating a new event log source with UAC. This can be done one time manually. Unfortunately there isn't a way to automate UAC--pure GUI. The Powershell command would be "New-EventLog -LogName Application
  -Source  mysource" if you're using the Application log and must be run as  administrator.
  Errant process writes many entries to the event log. Depending on the volume like for example writing stack dumps this can performance problems. I  think I recall an issue an Windows 2003 or Windows 2008 with UAC off  if you're creating a new
  event log source each time (which you shouldn't) then these results in many registry entries which can cause problems.
  I don't think the issues outweigh the benefits--just something to be aware of.