This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Windows Logs>Application

MikW
Engaged Sweeper II

‎04-04-2018 05:47 PM

Hi,

I have problems seeing EventID 12294 from Security-SPP.
It's for KMS publishing itself to DNS.

It is not from unsupported Applications and Services logs, it's not even there.
It is located in Windows logs > Application.

Log Name: Application
Source:Security-SPP
Event ID: 12294
Level: Information

Is it possible to filter that out in a report?

Select Distinct Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.IPAddress,
  tblNtlogSource.Sourcename,
  Max(tblNtlog.TimeGenerated) As LastOccurrence,
  tblADusers.Displayname,
  tblAssets.OScode,
  tblNtlogMessage.Message,
  tblNtlog.Eventcode
From tblAssets
  Inner Join tblNtlog On tblAssets.AssetID = tblNtlog.AssetID
  Inner Join tblNtlogSource On tblNtlogSource.SourcenameID =
    tblNtlog.SourcenameID
  Inner Join tblNtlogMessage On tblNtlogMessage.MessageID = tblNtlog.MessageID
  Left Join tblADusers On tblADusers.Username = tblAssets.Username And
    tblADusers.Userdomain = tblAssets.Userdomain
Group By tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.IPAddress,
  tblNtlogSource.Sourcename,
  tblADusers.Displayname,
  tblAssets.OScode,
  tblNtlogMessage.Message,
  tblNtlog.Eventcode
Having tblNtlog.Eventcode In (12294)
Order By LastOccurrence Desc


Labels:
0 Kudos
1 REPLY 1
Esben_D
Lansweeper Employee
Lansweeper Employee

‎04-26-2018 03:25 PM

The report itself looks fine. Have you enabled non-error event scanning within Lansweeper? Instructions can be found here: https://www.lansweeper.com/kb/128/scanning-non-error-events.html
0 Kudos

Reports & Analytics

Ask about reports you're interested in and share reports you've created. Subscribe to receive daily updates of reports shared in the Community.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now