mom: trimming down alerts...

February 28, 2006

mom: trimming down alerts...

you might find this one useful. in any environment, you're going to expect to get a fair amount of event id 7000 or something like this:

Event Type: Error Event Source: Service Control Manager Event Category: None Event ID: 7000 Date: 2/28/2006 Time: 3:00:48 AM User: N/A Computer: SERVERNAME Description: The BROKEN service failed to start due to the following error: The system cannot find the file specified. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

so in order to create proper event filters, you need to know the parameters of the event. otherwise, you have to do a description-based search. not fun. anyway, i thought i'd map out event id 7000 since this probably generates a lot of noise. i color-coded it above.

parameter 1: "BROKEN"
parameter 2: "The system cannot find the file specified."

by the way, the best method to find the event parameters is to use the management pack wizard. you can specify what you want to look at and the event id. it'll display all the parameters for that event id.

Search This Blog

Plain Text Prose

mom: trimming down alerts...

Comments

Post a Comment

Popular Posts

using preloadpkgonsite.exe to stage compressed copies to child site distribution points

How to Identify Applications Using Your Domain Controller