Hi Cluther. Thanks for the response. I have tried this on many levels to try
to figure out why this isn't working. I have modified zProperties
zWinEventlogMinSeverity on the following levels: /Devices, /Devices/Server, and
/Devices/Server/Windows. Once I have done this, I have even rebooted the
server. I still have the same reports. Here is an example of an event that is
logged:
Field Value
dedupid NLSVR-FTP01|DCOM|||3|Access denied attempting to launch a DCOM
Server.\r\nThe server is:\r\n{A9E69610-B80D-11D0-B9B9-00A0C922E750}\r\nThe user
is ACL_NBMG0
evid 7f000001360c9d38ffc1c34
device NLSVR-FTP01
component DCOM
eventClass /Unknown
eventKey
summary Access denied attempting to launch a DCOM Server. The server
is: {A9E69610-B80D-11D0-B9B9-00A0C922E750} The user is ACL_NBMG0
message
Access denied attempting to launch a DCOM Server.
The server is:
{A9E69610-B80D-11D0-B9B9-00A0C922E750}
The user is ACL_NBMG00/NBMG00, SID=S-1-5-21-602162358-1580818891-839522115-1008.
severity 3
eventState 0
eventClassKey DCOM_10002
eventGroup System
stateChange 2007/11/19 11:10:49.000
firstTime 2007/11/19 11:10:48.000
lastTime 2007/11/19 11:10:48.000
count 4
prodState 1000
suppid
manager localhost
agent zeneventlog
DeviceClass /Server/Windows
Location /
Systems |/Server Infrastructure
DeviceGroups |/FTP Server
ipAddress 10.10.X.X
facility unknown
priority -1
ntevid 10002
ownerid
clearid
DevicePriority 3
eventClassMapping
Note the severity is 3. Am I missing something? I have even updated to the
latest version (2.1.1) thinking this may be a bug or something. Thanks again
for the help.
-------------------- m2f --------------------
Read this topic online here:
http://community.zenoss.com/forums/viewtopic.php?p=13384#13384
-------------------- m2f --------------------
_______________________________________________
zenoss-users mailing list
[email protected]
http://lists.zenoss.org/mailman/listinfo/zenoss-users
