Wednesday, January 30, 2008

MOVB-11 Vista logging

A nice finding about Windows Vista logging:
http://www.heysoft.de/Frames/Vista_Remarks1_en.htm

In short, most event log files are not properly referenced in the registry. Under HKLM\System\CCS\Services\EventLog\*\, the "File" entry has a ".elf" suffix, whereas the Vista file format is ".evtx".

Consequently, most remote log reading tools (like Windows XP's Event Viewer, but most log collection tools could be affected) are unable to access Vista event logs.

This has been confirmed on my up-to-date Vista 64 system.
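One way to check a host for this mismatch, as an added example that is not from the original post or the linked page: it parses text in the layout printed by `reg query HKLM\SYSTEM\CurrentControlSet\Services\EventLog /s /v File` and reports every log whose "File" value does not end in ".evtx". The sample output, its paths and its log names are constructed.

```python
import ntpath
import re

EXPECTED_EXT = ".evtx"  # Vista event log file format, per the post

# Constructed sample (log names are hypothetical), in `reg query` layout.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\SampleLogA
    File    REG_EXPAND_SZ    %SystemRoot%\System32\winevt\Logs\SampleLogA.evtx

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\SampleLogB
    File    REG_EXPAND_SZ    %SystemRoot%\System32\winevt\Logs\SampleLogB.elf

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Sample Log C
    File    REG_EXPAND_SZ    %SystemRoot%\System32\winevt\Logs\Sample Log C.evtx

End of search: 3 match(s) found.
"""

KEY_RE = re.compile(r"^HKEY_LOCAL_MACHINE\\.*?\\Services\\EventLog\\(.+)$", re.I)
VAL_RE = re.compile(r"^\s+File\s+REG_(?:EXPAND_)?SZ\s+(.+?)\s*$", re.I)

def parse_file_values(reg_output):
    """Map each log's subkey name to the data of its "File" value."""
    logs, current = {}, None
    for line in reg_output.splitlines():
        if line.upper().startswith("HKEY_"):
            key = KEY_RE.match(line)
            # A key outside EventLog\<log> resets the context.
            current = key.group(1) if key else None
            continue
        val = VAL_RE.match(line)
        if val and current is not None:
            logs[current] = val.group(1)
    return logs

def stale_references(reg_output):
    """Return (log, registry_path, extension) for entries not ending in .evtx."""
    findings = []
    for log, path in sorted(parse_file_values(reg_output).items()):
        ext = ntpath.splitext(path)[1].lower()  # ntpath: Windows path rules on any OS
        if ext != EXPECTED_EXT:
            findings.append((log, path, ext))
    return findings

if __name__ == "__main__":
    for log, path, ext in stale_references(SAMPLE):
        print(f"{log}: registry points at {path} ({ext}, expected {EXPECTED_EXT})")
```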

The conclusion from this guy is: "I must admit that I do now better understand all those people who say that they never install a Windows operating system in a production environment before its first Service Pack is out."

Fortunately, SP1 is due for Q1 2008 :)
