KB2458331

Consider the following scenario:

  • You have a computer that is running Windows Server 2008 or Windows Vista.
  • You subscribe to receive notifications when some specific events are added to event logs. For example, you subscribe to receive a notification when a specific event is added to the security event log.
  • You back up and then clear the event logs.

In this scenario, you cannot receive event notifications when new specified events are added to the event logs.

Notes:

  • This issue affects any program that uses the EvtSubscribe function.
  • The issue does not occur in Windows Server 2008 R2 or in Windows 7.

Here is a sample scenario:

  • You install Microsoft System Center Operations Manager 2007 on a server in a domain environment.
  • You install the System Center Operations Manager 2007 agent on a client computer that is running Windows Server 2008 in the domain.
  • You create a rule on the client computer to generate a message when a specified event is added to the security event log.
  • You can receive a message when the specified event is added to the security event log.
  • You back up and then clear the security event log.

In this scenario, you cannot receive messages for any specified events that are added to the security event log.