Screencasts - Hilfsvideos
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Unable to integrate 2k8 R2 with SSIM.

Created: 03 Feb. 2013 | 6 Kommentare

Dear All,

I want to integrate 2k8 R2 with SSIM.

I have configured all the setings on target server.

But while applied below command i got eror that interface is unknown.

wevtutil sl system /ca:O:BAG:SYD:(A;;0xf0005;;;SY)(A;;0x5;;;BA)(A;;0x1;;;S-1-5-32-573)(A;;0x1;;;S-1-5-20)

Please find attached screen-shot for the same. and suggest on priority basis.

Kommentare KommentareZum neuesten Kommentar

das Bild der Laurent_cs

What output of command if you run :

wevtutil gl security ?

das Bild der Milan_Ts

Hi Laurent,

I have tryied to run below mentioned command:

wevtutil gl security

It shows interface is unknown

das Bild der olafs

What does the following command return:

wevtutil el

This should return all known log interfaces.

das Bild der Milan_Ts

Dear Olaf,

output of given command was as below.

C:\Users\Administrator>wevtutil el
Application
HardwareEvents
Internet Explorer
Key Management Service
Security
System
EndpointMapper
ForwardedEvents
Microsoft-Windows-ADSI/Debug
Microsoft-Windows-Bits-Client/Analytic
Microsoft-Windows-Bits-Client/Operational
Microsoft-Windows-CAPI2/Operational
Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational
Microsoft-Windows-CodeIntegrity/Operational
Microsoft-Windows-CodeIntegrity/Verbose
Microsoft-Windows-COM/Analytic
Microsoft-Windows-CorruptedFileRecovery-Client/Operational
Microsoft-Windows-CorruptedFileRecovery-Server/Operational
Microsoft-Windows-CredUI/Diagnostic
Microsoft-Windows-DateTimeControlPanel/Analytic
Microsoft-Windows-DateTimeControlPanel/Debug
Microsoft-Windows-DateTimeControlPanel/Operational
Microsoft-Windows-DCLocator/Debug
Microsoft-Windows-Diagnosis-DPS/Analytic
Microsoft-Windows-Diagnosis-DPS/Debug
Microsoft-Windows-Diagnosis-DPS/Operational
Microsoft-Windows-Diagnosis-MSDT/Debug
Microsoft-Windows-Diagnosis-MSDT/Operational
Microsoft-Windows-Diagnosis-PLA/Debug
Microsoft-Windows-Diagnosis-PLA/Operational
Microsoft-Windows-Diagnosis-WDI/Debug
Microsoft-Windows-Diagnostics-Networking/Debug
Microsoft-Windows-Diagnostics-Networking/Operational
Microsoft-Windows-DriverFrameworks-UserMode/Operational
Microsoft-Windows-DxgKrnl/Diagnostic
Microsoft-Windows-EFS/Debug
Microsoft-Windows-EventCollector/Debug
Microsoft-Windows-EventCollector/Operational
Microsoft-Windows-Eventlog-ForwardPlugin/Debug
Microsoft-Windows-EventLog-WMIProvider/Debug
Microsoft-Windows-EventLog/Analytic
Microsoft-Windows-EventLog/Debug
Microsoft-Windows-FileInfoMinifilter/Operational
Microsoft-Windows-Firewall-CPL/Diagnostic
Microsoft-Windows-Forwarding/Operational
Microsoft-Windows-FunctionDiscoveryHost/Tracing
Microsoft-Windows-GroupPolicy/Operational
Microsoft-Windows-Help/Operational
Microsoft-Windows-HttpService/Trace
Microsoft-Windows-International/Operational
Microsoft-Windows-IPSEC-SRV/Diagnostic
Microsoft-Windows-Kernel-Acpi/Diagnostic
Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic
Microsoft-Windows-Kernel-PnP/Diagnostic
Microsoft-Windows-Kernel-Power/Diagnostic
Microsoft-Windows-Kernel-Prefetch/Diagnostic
Microsoft-Windows-Kernel-Process/Analytic
Microsoft-Windows-Kernel-Processor-Power/Diagnostic
Microsoft-Windows-Kernel-Registry/Analytic
Microsoft-Windows-Kernel-WDI/Analytic
Microsoft-Windows-Kernel-WDI/Debug
Microsoft-Windows-Kernel-WDI/Operational
Microsoft-Windows-Kernel-WHEA
Microsoft-Windows-LanguagePackSetup/Analytic
Microsoft-Windows-LanguagePackSetup/Debug
Microsoft-Windows-LanguagePackSetup/Operational
Microsoft-Windows-LDAP-Client/Debug
Microsoft-Windows-MemoryDiagnostics-Results/Debug
Microsoft-Windows-MPS-CLNT/Diagnostic
Microsoft-Windows-MPS-DRV/Diagnostic
Microsoft-Windows-MPS-SRV/Diagnostic
Microsoft-Windows-MUI/Operational
Microsoft-Windows-NetworkAccessProtection/Operational
Microsoft-Windows-OfflineFiles/Analytic
Microsoft-Windows-OfflineFiles/Debug
Microsoft-Windows-OfflineFiles/Operational
Microsoft-Windows-OfflineFiles/SyncLog
Microsoft-Windows-OLEACC/Debug
Microsoft-Windows-OLEACC/Diagnostic
Microsoft-Windows-PowerCfg/Diagnostic
Microsoft-Windows-PowerCpl/Diagnostic
Microsoft-Windows-PrintSpooler/Aux-Analytic
Microsoft-Windows-PrintSpooler/Core-Analytic
Microsoft-Windows-PrintSpooler/Core-Debug
Microsoft-Windows-PrintSpooler/ISV-Analytic
Microsoft-Windows-Program-Compatibility-Assistant/Operational
Microsoft-Windows-QoS-Pacer/Debug
Microsoft-Windows-ReliabilityAnalysisComponent/Metrics
Microsoft-Windows-ReliabilityAnalysisComponent/Operational
Microsoft-Windows-Resource-Exhaustion-Detector/Operational
Microsoft-Windows-ResourcePublication/Tracing
Microsoft-Windows-RestartManager/Operational
Microsoft-Windows-RPC/Debug
Microsoft-Windows-RPC/EEInfo
Microsoft-Windows-Security-Configuration-Wizard/Diagnostic
Microsoft-Windows-Security-Configuration-Wizard/Operational
Microsoft-Windows-Security-Licensing-SLC/Perf
Microsoft-Windows-Sens/Debug
Microsoft-Windows-ServerManager/Analytic
Microsoft-Windows-ServerManager/Operational
Microsoft-Windows-ServiceReportingApi/Debug
Microsoft-Windows-Services-Svchost/Diagnostic
Microsoft-Windows-Services/Diagnostic
Microsoft-Windows-Shell-AuthUI-Common/Diagnostic
Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic
Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic
Microsoft-Windows-Shell-AuthUI-PasswordProvider/BootAnim
Microsoft-Windows-Shell-AuthUI-PasswordProvider/Diagnostic
Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic
Microsoft-Windows-Shell-DefaultPrograms/Diagnostic
Microsoft-Windows-Shell-Shwebsvc
Microsoft-Windows-Shell-ZipFolder/Diagnostic
Microsoft-Windows-stobject/Diagnostic
Microsoft-Windows-Subsys-Csr/Operational
Microsoft-Windows-Subsys-SMSS/Operational
Microsoft-Windows-TaskScheduler/Debug
Microsoft-Windows-TaskScheduler/Diagnostic
Microsoft-Windows-TaskScheduler/Operational
Microsoft-Windows-TerminalServices-PnPDevices/Admin
Microsoft-Windows-TerminalServices-PnPDevices/Analytic
Microsoft-Windows-TerminalServices-PnPDevices/Debug
Microsoft-Windows-TerminalServices-PnPDevices/Operational
Microsoft-Windows-TerminalServices-RDPClient/Analytic
Microsoft-Windows-TerminalServices-RDPClient/Debug
Microsoft-Windows-TerminalServices-RDPClient/Operational
Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic
Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug
Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational
Microsoft-Windows-UAC-FileVirtualization/Operational
Microsoft-Windows-UAC/Operational
Microsoft-Windows-UIAutomationCore/Debug
Microsoft-Windows-UIAutomationCore/Diagnostic
Microsoft-Windows-UIAutomationCore/Perf
Microsoft-Windows-User-Loader/Analytic
Microsoft-Windows-VolumeSnapshot-Driver/Operational
Microsoft-Windows-WindowsUpdateClient/Operational
Microsoft-Windows-WinINet/Analytic
Microsoft-Windows-Wininit/Diagnostic
Microsoft-Windows-Winlogon/Diagnostic
Microsoft-Windows-Winlogon/Operational
Microsoft-Windows-WinRM/Analytic
Microsoft-Windows-WinRM/Debug
Microsoft-Windows-Winsock-AFD/Operational
Microsoft-Windows-Winsock-WS2HELP/Operational
Microsoft-Windows-Winsrv/Analytic
Microsoft-Windows-Wired-AutoConfig/Operational
Microsoft-Windows-WMI-Activity/Trace
Microsoft-Windows-WUSA/Debug
Setup

C:\Users\Administrator>

das Bild der olafs

Your command shows that the Security log should be there.

I have never seen the commend failing with this error.

There seems to be something wrong with your OS when the command "wevtutil gl security" already fails.

This command should just list the configuration setting of the security log.

Can you run this command for any of the other logs (for example System or Application)?

wevtutil gl system

I would recommend to talk to Microsoft support in this case.

das Bild der Milan_Ts

Thanx olaf,

We will open a case with Microsoft tech support.

This was issue from OS and that's why we could not integrate with SSIM.