[logs] Some remarks regarding Vista's event logging

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] sbradcpa at pacbell.net
Thu Apr 12 00:10:52 PDT 2007


First off, the event logs in Vista are .evtx, not .evt, so again, they are 
XML based.

Then I think you'll find they work better the other way around.

From the Vista machine on the domain I can go into the log files and 
"connect to other computer"; it then lets me drill down via AD (small 
home network here, obviously). I then drill back to the log files on my XP 
Media Center Edition, where I can be on the Vista box and see the log 
files on the XP.

http://www.sbslinks.com/logs.htm
Check out those images of being on a Vista (sorry it's a crappy image as 
I'm TS'ing across to my Sister's Vista and snapping screen shots)

Looks to me like from a v6 I can read a v5 just fine.

(I should go try out the server..that connect to another computer is 
reallllly kewl)

Frank Heyne wrote:
> We never installed a beta version of Vista on those machines :-)
> I checked around 10 different installations of Vista (Enterprise,
> Business, Ultimate, English and German, 32 and 64 bit), all installed on
> clean partitions on different machines from either MSDN DVDs or images
> downloaded from MSDN. The Registry errors are on ALL those installations.
> In other words, I never saw a version of Vista without those errors.
>
> Have fun
> Frank Heyne
> http://www.heysoft.de/
>
>   
>> Frank, it appears that your test machine was upgraded (perhaps multiple
>> times) from pre-release version of Windows and that THAT had been
>> upgraded from Windows XP, and that your registry contains entries that
>> were bugs in pre-release versions that are not present in RTM.
>>
>> I would encourage you to repeat your test on a clean, new installation
>> of a RTM Windows Vista machine (not an upgrade from a beta), and report
>> any problems that still remain.
>>
>> We know that Windows XP's Event Viewer does NOT have full support for
>> uplevel logs, and it probably never will, but things are not quite as
>> bad as you describe.
>>
>> Best regards,
>> Eric
>>
>>
>> -----Original Message-----
>> From: loganalysis-bounces at loganalysis.org
>> [mailto:loganalysis-bounces at loganalysis.org] On Behalf Of Frank Heyne
>> Sent: Wednesday, April 11, 2007 1:58 AM
>> To: loganalysis at loganalysis.org
>> Subject: Re: [logs] Some remarks regarding Vista's event logging
>>
>>     
>>> You can't look at a Vista event log on an XP.
>>>       
>> This is not entirely true:
>> 1. You can look at the Application, System and Security log of a Vista
>> machine from NT 5 very well (and much better than the Event Viewer
>> does, by the way).
>> 2. You could look at the other logs mentioned in the article as well, if
>> the Registry values would not be as buggy as they are.
>> 3. You could look at all Vista logs from NT 5 if the OpenEventlog
>> function would work as documented (that is, would open all event files
>> under Vista).
>>
>> As I wrote at the end of the article,  the logs mentioned do not work at
>> all, because Vista does not write any events into them. So it does not
>> matter from where you want to open them.
>>
>>
>>     
>>> Service pack has nothing to do with this issue..
>>>       
>> I would not wonder if the errors in the Registry went away with
>> SP1 of Vista ;-)
>>     

-- 
If you are a SBSer... you had better be reading http://blogs.technet.com/sbs - the SBS Blog.

..and my blog is at www.sbsdiva.com....