ITsVISTA
Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop

ITsVISTA KB-Link: KB2458331

You cannot receive event notifications after you back up and then clear event logs in Windows Server 2008 or in Windows Vista

Consider the following scenario:

  • You have a computer that is running Windows Server 2008 or Windows Vista.
  • You subscribe to receive notifications when some specific events are added to event logs. For example, you subscribe to receive a notification when a specific event is added to the security event log.
  • You back up and then clear the event logs.

In this scenario, you cannot receive event notifications when new specified events are added to the event logs.

Notes:

  • This issue affects any program that uses the EvtSubscribe function.
  • The issue does not occur in Windows Server 2008 R2 or in Windows 7.

Here is a sample scenario:

  • You install Microsoft System Center Operations Manager 2007 on a server in a domain environment.
  • You install the System Center Operations Manager 2007 agent on a client computer that is running Windows Server 2008 in the domain.
  • You create a rule on the client computer to generate a message when a specified event is added to the security event log.
  • You can receive a message when the specified event is added to the security event log.
  • You back up and then clear the security event log.

In this scenario, you cannot receive messages for any specified events that are added to the security event log.

There is a download that resolves this issue. See Hotfixes for details.
32-bit Download: Contact Microsoft
64-Bit Download: Contact Microsoft

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB2458331.

Get notified of new posts for FREE via RSS or E-mail

Subscribe to ITsVISTA!

Related Posts