Hi.
This is probably normal (in W2K8), but I can't seem to spot what might be
driving this.
The nxlog service is running under the context of the Local System account. I
was hoping to monitor the DNS debug log, _in its default location_
(\windows\system32\dns\dns.log), but every time I tried to spin up an im_file
Module, for that file, it kept telling me that the file didn't exist (even
though it clearly did exist).
After scratching my head, I forced it to some other location, and then it
worked fine. It finally dawned on me that nxlog was simply not able to access
it, within that specific directory structure. What is throwing me, is that an
examination of the Security information (in file and directory properties), and
more specifically, the Effective Permissions for the System account, it looks
like it should have both Directory Traversal, as well as Read access, to
anything in that "tree", but the instant that I attempt to monitor anything in,
or below, \windows\system32, then it is obviously getting blocked. Again, I
know that MS has gotten far more anal about what can happen in that "trusted
computing" directory structure, but I'm unclear why it wouldn't be obvious in
the permission information.
It's not clear whether this should generate a Failure audit in the Event Logs
(as nxlog attempts to "find" that file), but it definitely does not.
Anyway, I'm just curious if anyone has seen anything similar. I've worked
around the issue, by generating the log file with \windows\temp, but it would
have been more straightforward to just use the default location.
Thanks for your time and input.
Marvin Nipper
----------------------------------------------------------------------
The information transmitted, including any content in this communication is
confidential, is intended only for the use of the intended recipient and is the
property of The Western Union Company or its affiliates and subsidiaries. If
you are not the intended recipient, you are hereby notified that any use of the
information contained in or transmitted with the communication or
dissemination, distribution, or copying of this communication is strictly
prohibited. If you have received this communication in error, please notify the
Western Union sender immediately by replying to this message and delete the
original message
------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
nxlog-ce-users mailing list
nxlog-ce-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users
