Operations Manager Failed to Access the Windows Event Log

Over the last few days, I’ve been troubleshooting this error. The event log in this case was “WitnessServiceAdmin”, and having a look at the server I couldn’t find the log anywhere. I could create an override to disable this Monitor, but would I potentially create an overrides that disables critical alerts?  I decided against creating an override, and started to look for a solution/workaround.

If this log does not exist, what will happen if I create it? With a simple PowerShell command I created the log.

New-Eventlog -Source “WitnessClientAdmin” -LogName “WitnessClientAdmin” -MessageResourceFile “C:\Logs\WitnessClientAdmin.dll”

After a few minutes, that alert/warning disappeared from my SCOM console.

This could be a bug in the installation, or the management pack. I sent the alerts to our DevOps to look into the issue before creating this workaround.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s