Wednesday, 11 May 2016

WINCOLLECT ERROR THE EVENT LOG FILE IS CORRUPTED

WINCOLLECT ERROR

THE EVENT LOG FILE IS CORRUPTED

<13>May 11 13:04:29 10.10.1.13 LEEF:1.0|IBM|WinCollect|7.2|4|src=10.10.XX.XX     dst=10.10.XX.XX        sev=5   log=Device.WindowsLog.WindowsLogDeviceReaderPool.PoolThread   msg=WindowsLogDeviceReaderPool::svc - ALE exception in device 0xCCE4C8ED (OS @ 10.10.XX.XX - ReadEventLog failed - perhaps the event log was either closed or we are shutting down. The event log will be closed and will be re-opened (if appropriate).). Last error: Error code 0x05DC: The event log file is corrupted.

#STOP WINCOLLECT SERVICE AT SOURCE MACHINE
GOTO SERVICES --> LOCATE WINCOLLECT --> STOP IT

#COPY ALL EVENT FILES
GOTO --> %SystemRoot%\System32\Config\xxx.evt --> copy all related .evt files to any backup location.

#CLEAR EVENT FROM EVENT VIEWER
GOTO --> EVENT VIEWER --> WINDOWS LOG --> APLICATION/SYSTEM/SECURITY --> CLEAR LOGS

#START WINCOLLECT SERVICE
GOTO SERVICES --> LOCATE WINCOLLECT --> START IT

IT WILL CLEAR THESE ERRORS....!