Ayuda de vídeo de Screencast
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Unable to integrate 2k8 R2 with SSIM.

Created: 03 Febrero 2013 | 6 comments

Dear All,

I want to integrate 2k8 R2 with SSIM.

I have configured all the setings on target server.

But while applied below command i got eror that interface is unknown.

wevtutil sl system /ca:O:BAG:SYD:(A;;0xf0005;;;SY)(A;;0x5;;;BA)(A;;0x1;;;S-1-5-32-573)(A;;0x1;;;S-1-5-20)

Please find attached screen-shot for the same. and suggest on priority basis.

Comentarios ComentariosIr al último comentario

el cuadro de los Laurent_c

What output of command if you run :

wevtutil gl security ?

el cuadro de los Milan_T

Hi Laurent,

I have tryied to run below mentioned command:

wevtutil gl security

It shows interface is unknown

el cuadro de los olaf

What does the following command return:

wevtutil el

This should return all known log interfaces.

el cuadro de los Milan_T

Dear Olaf,

output of given command was as below.

C:\Users\Administrator>wevtutil el
Application
HardwareEvents
Internet Explorer
Key Management Service
Security
System
EndpointMapper
ForwardedEvents
Microsoft-Windows-ADSI/Debug
Microsoft-Windows-Bits-Client/Analytic
Microsoft-Windows-Bits-Client/Operational
Microsoft-Windows-CAPI2/Operational
Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational
Microsoft-Windows-CodeIntegrity/Operational
Microsoft-Windows-CodeIntegrity/Verbose
Microsoft-Windows-COM/Analytic
Microsoft-Windows-CorruptedFileRecovery-Client/Operational
Microsoft-Windows-CorruptedFileRecovery-Server/Operational
Microsoft-Windows-CredUI/Diagnostic
Microsoft-Windows-DateTimeControlPanel/Analytic
Microsoft-Windows-DateTimeControlPanel/Debug
Microsoft-Windows-DateTimeControlPanel/Operational
Microsoft-Windows-DCLocator/Debug
Microsoft-Windows-Diagnosis-DPS/Analytic
Microsoft-Windows-Diagnosis-DPS/Debug
Microsoft-Windows-Diagnosis-DPS/Operational
Microsoft-Windows-Diagnosis-MSDT/Debug
Microsoft-Windows-Diagnosis-MSDT/Operational
Microsoft-Windows-Diagnosis-PLA/Debug
Microsoft-Windows-Diagnosis-PLA/Operational
Microsoft-Windows-Diagnosis-WDI/Debug
Microsoft-Windows-Diagnostics-Networking/Debug
Microsoft-Windows-Diagnostics-Networking/Operational
Microsoft-Windows-DriverFrameworks-UserMode/Operational
Microsoft-Windows-DxgKrnl/Diagnostic
Microsoft-Windows-EFS/Debug
Microsoft-Windows-EventCollector/Debug
Microsoft-Windows-EventCollector/Operational
Microsoft-Windows-Eventlog-ForwardPlugin/Debug
Microsoft-Windows-EventLog-WMIProvider/Debug
Microsoft-Windows-EventLog/Analytic
Microsoft-Windows-EventLog/Debug
Microsoft-Windows-FileInfoMinifilter/Operational
Microsoft-Windows-Firewall-CPL/Diagnostic
Microsoft-Windows-Forwarding/Operational
Microsoft-Windows-FunctionDiscoveryHost/Tracing
Microsoft-Windows-GroupPolicy/Operational
Microsoft-Windows-Help/Operational
Microsoft-Windows-HttpService/Trace
Microsoft-Windows-International/Operational
Microsoft-Windows-IPSEC-SRV/Diagnostic
Microsoft-Windows-Kernel-Acpi/Diagnostic
Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic
Microsoft-Windows-Kernel-PnP/Diagnostic
Microsoft-Windows-Kernel-Power/Diagnostic
Microsoft-Windows-Kernel-Prefetch/Diagnostic
Microsoft-Windows-Kernel-Process/Analytic
Microsoft-Windows-Kernel-Processor-Power/Diagnostic
Microsoft-Windows-Kernel-Registry/Analytic
Microsoft-Windows-Kernel-WDI/Analytic
Microsoft-Windows-Kernel-WDI/Debug
Microsoft-Windows-Kernel-WDI/Operational
Microsoft-Windows-Kernel-WHEA
Microsoft-Windows-LanguagePackSetup/Analytic
Microsoft-Windows-LanguagePackSetup/Debug
Microsoft-Windows-LanguagePackSetup/Operational
Microsoft-Windows-LDAP-Client/Debug
Microsoft-Windows-MemoryDiagnostics-Results/Debug
Microsoft-Windows-MPS-CLNT/Diagnostic
Microsoft-Windows-MPS-DRV/Diagnostic
Microsoft-Windows-MPS-SRV/Diagnostic
Microsoft-Windows-MUI/Operational
Microsoft-Windows-NetworkAccessProtection/Operational
Microsoft-Windows-OfflineFiles/Analytic
Microsoft-Windows-OfflineFiles/Debug
Microsoft-Windows-OfflineFiles/Operational
Microsoft-Windows-OfflineFiles/SyncLog
Microsoft-Windows-OLEACC/Debug
Microsoft-Windows-OLEACC/Diagnostic
Microsoft-Windows-PowerCfg/Diagnostic
Microsoft-Windows-PowerCpl/Diagnostic
Microsoft-Windows-PrintSpooler/Aux-Analytic
Microsoft-Windows-PrintSpooler/Core-Analytic
Microsoft-Windows-PrintSpooler/Core-Debug
Microsoft-Windows-PrintSpooler/ISV-Analytic
Microsoft-Windows-Program-Compatibility-Assistant/Operational
Microsoft-Windows-QoS-Pacer/Debug
Microsoft-Windows-ReliabilityAnalysisComponent/Metrics
Microsoft-Windows-ReliabilityAnalysisComponent/Operational
Microsoft-Windows-Resource-Exhaustion-Detector/Operational
Microsoft-Windows-ResourcePublication/Tracing
Microsoft-Windows-RestartManager/Operational
Microsoft-Windows-RPC/Debug
Microsoft-Windows-RPC/EEInfo
Microsoft-Windows-Security-Configuration-Wizard/Diagnostic
Microsoft-Windows-Security-Configuration-Wizard/Operational
Microsoft-Windows-Security-Licensing-SLC/Perf
Microsoft-Windows-Sens/Debug
Microsoft-Windows-ServerManager/Analytic
Microsoft-Windows-ServerManager/Operational
Microsoft-Windows-ServiceReportingApi/Debug
Microsoft-Windows-Services-Svchost/Diagnostic
Microsoft-Windows-Services/Diagnostic
Microsoft-Windows-Shell-AuthUI-Common/Diagnostic
Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic
Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic
Microsoft-Windows-Shell-AuthUI-PasswordProvider/BootAnim
Microsoft-Windows-Shell-AuthUI-PasswordProvider/Diagnostic
Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic
Microsoft-Windows-Shell-DefaultPrograms/Diagnostic
Microsoft-Windows-Shell-Shwebsvc
Microsoft-Windows-Shell-ZipFolder/Diagnostic
Microsoft-Windows-stobject/Diagnostic
Microsoft-Windows-Subsys-Csr/Operational
Microsoft-Windows-Subsys-SMSS/Operational
Microsoft-Windows-TaskScheduler/Debug
Microsoft-Windows-TaskScheduler/Diagnostic
Microsoft-Windows-TaskScheduler/Operational
Microsoft-Windows-TerminalServices-PnPDevices/Admin
Microsoft-Windows-TerminalServices-PnPDevices/Analytic
Microsoft-Windows-TerminalServices-PnPDevices/Debug
Microsoft-Windows-TerminalServices-PnPDevices/Operational
Microsoft-Windows-TerminalServices-RDPClient/Analytic
Microsoft-Windows-TerminalServices-RDPClient/Debug
Microsoft-Windows-TerminalServices-RDPClient/Operational
Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic
Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug
Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational
Microsoft-Windows-UAC-FileVirtualization/Operational
Microsoft-Windows-UAC/Operational
Microsoft-Windows-UIAutomationCore/Debug
Microsoft-Windows-UIAutomationCore/Diagnostic
Microsoft-Windows-UIAutomationCore/Perf
Microsoft-Windows-User-Loader/Analytic
Microsoft-Windows-VolumeSnapshot-Driver/Operational
Microsoft-Windows-WindowsUpdateClient/Operational
Microsoft-Windows-WinINet/Analytic
Microsoft-Windows-Wininit/Diagnostic
Microsoft-Windows-Winlogon/Diagnostic
Microsoft-Windows-Winlogon/Operational
Microsoft-Windows-WinRM/Analytic
Microsoft-Windows-WinRM/Debug
Microsoft-Windows-Winsock-AFD/Operational
Microsoft-Windows-Winsock-WS2HELP/Operational
Microsoft-Windows-Winsrv/Analytic
Microsoft-Windows-Wired-AutoConfig/Operational
Microsoft-Windows-WMI-Activity/Trace
Microsoft-Windows-WUSA/Debug
Setup

C:\Users\Administrator>

el cuadro de los olaf

Your command shows that the Security log should be there.

I have never seen the commend failing with this error.

There seems to be something wrong with your OS when the command "wevtutil gl security" already fails.

This command should just list the configuration setting of the security log.

Can you run this command for any of the other logs (for example System or Application)?

wevtutil gl system

I would recommend to talk to Microsoft support in this case.

el cuadro de los Milan_T

Thanx olaf,

We will open a case with Microsoft tech support.

This was issue from OS and that's why we could not integrate with SSIM.