HappySCCM

Tag: logs

  • Monitoring your fleets event logs – Part 2

      Install Splunk – It’s free! https://www.splunk.com/en_us/download/splunk-enterprise.html Modify Program Files\Splunk\etc\system\local\inputs.conf Add the lines [WinEventLog] evt_resolve_ad_obj = 1   Then we need to reboot splunk, in Splunk click Settings, then Server controls and click Restart Splunk Next we need to add our data source, click Add Data from the launch screen, then monitor   Choose Local Events then ForwardedEvents and…

    Read post →

  • Monitoring your fleets event logs – Part 1

    Windows has an amazing feature that let’s you collect logs from remote computers, it’s called Windows Event forwarding and is pretty easy to set up. Once we have this data we can use free tools such as Splunk or GrayLog to analyse the data, find patterns, fix.   Below is the way to get started collecting…

    Read post →

  • Bad Fat mifs in a multiple user environment

      If you are getting alot of error 2719 under SMS_INVENTORY_DATA_LOADER in a multiple user enviroment such as a lab of computers consider tweaking the data you are collecting. Inventory Data Loader failed to process the file G:Program FilesMicrosoft Configuration Managerinboxesauthdataldr.boxProcessH5CCBXME.MIF because it is larger than the defined maximum allowable size of 5000000. Solution: Increase the…

    Read post →

  • Adding custom programs to the Set Default Programs UI

    Hi, today I wanted the CMTrace tool to be recognised in the Set Default Programs control panel applet. There is a bit of information on the net but it’s confusing. In the registry you can set the program, launch arguments, file types and icon. This can be used for any app by modifying the reg…

    Read post →