Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
The service was unable to add any counters to the <server name> log or alert. This log or alert will not be started.
|English: Request a translation of the event description in plain English.|
After SP2 implementation we were not able to monitor the system remotely. The implementation of the ME923118 hotfix resolved our issue. To start the Performance Logs and Alerts service under a different account:
- Right-click My Computer, and then click Manage.
- Open Services and Applications.
- Click Services.
- Right-click Performance Logs and Alerts, then click Properties.
- Click the Log On tab, and then click This account.
- Type a user account, and then type a password with the right credentials to gain access to the remote computer.
This problem may occur if the name of the log that you tried to start contains one or more wildcard characters. Wildcard characters in counter log names are not correctly parsed by non-English versions of Windows XP. When this occurs, counters are not added to the log. See ME923118 for a hotfix applicable to Microsoft Windows XP.
For more information see ME240389.
This error means that the Performance Logs and Alerts information needs to be edited to use an account besides the LocalSystem account. Make sure the account has admin rights. Start and restart the service.
|Private comment: Subscribers only. See example of private comment|
|Links: ME240389, ME923118|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (1) - More links...|
Send comments or solutions
- Notify me when updated