Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 2096 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows Event Viewer Fehler "NTEventLog war nicht erreichbar. Statt dessen wurde SGM-LogPlayer - SGM-Databse benutzt"

pbdwd

Hallo.

Im Windows Event Viewer taucht regelmäßig folgender Fehler auf:

 

"Das Logging Ziel SGM-LogPlayer - NTEventLog war nicht erreichbar. Statt dessen wurde SGM-LogPlayer - SGM-Databse benutzt."

 

Scheinbar hat dieser Fehler zur Folge, dass keine SafeGuard events - wie z.B. fehlgeschlagene POA Logins - in den Eventviewer geschrieben werden.

Gibt es eine Lösung hierzu oder weis jemand was den Fehler verursacht?

 

SafeGuard Easy 6.1

Windows 7



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hello pbdwd,

    Many thanks for the question.

    I'm not sure on the specifics of why you're seeing this error message but I suspect this might be down to logging that you've configured in the SafeGuard backend.
    By any chance have you setup some additional logging and not set the permissions of the SafeGuard database perhaps?
    I believe SGN is attempting to write these logs to Windows Event Logs / the SGN Database and failing due to not having permission.

    The following steps will provide an overview for all required tasks.

    The example is based on the assumption that you want to setup a SafeGuard Enterprise (SGN) Server with the SGN Management Center on the same machine.
    In addition, you want SGN to write some entries into the Windows eventlog and the SGN Management Center reporting tab as well.

    Initial assumption for the setup configuration:

    The implementation of the SGN Server was done following the Best Practice Guide. It is assumed that the SGN Server is working properly. The SGN Management Center is installed on the same machine. The SQL database in use could be located on a different machine and has not be hosted on the SGN Server. The following steps will work independent of the location of SQL database.

    Additional task to finish the reporting setup:

    1. Grant System user access to the SGN database.
    By default all SGN related services are running in the System context of the Operating System.
    Therefore, you have to allow the System to read / write the used SGN SQL database.
    To do so, you have to open the SQL Server Management Studio and add the System user account at the security settings of the SGN database to grant access.

    2. Add the domain machine account object of the SGN Server to the SGN database.
    The computer hosting the SGN Server requires access to the SGN database to write events.
    Therefore, it has to be added to the security settings of the SGN database. It is sufficient to grant read / write permissions to the used SGN database. Please use the SQL Server Management Studio and add the machine account manually (e.g. [domainname]\[SGN Server name$] --> "Testdomain\SGNSRV1$")

    If you use more than one machine you have to add all SGN Servers to the security settings of the SGN database.

    3. Setup a new "Auditing" policy within the SGN Management Center.
    Once the above steps are done, it is recommend to configure a new auditing policy. Do not remove any settings of the default auditing policy. Furthermore you can add all events you want to have logged in addition for SGN.

    4. Setup a new "General settings" policy within the SGN Management Center
    In order to get the events written promptly into the Eventlog / Management Center it is recommended to minimize the default connection time interval to the SGN Server.  The setting within the policy is called "Connection interval to server". It is recommended to start with 3 minutes for testing purposes.
    Furthermore, it is recommended to change the setting "Feedback after numbers of events" to "5" as the new minimum for the internal SGN logging queue.
    Note: This is the recommended value to test the event logging. Based on your requirements, you can modify the above two settings according to your needs.

    5. Install Client config on the SGN Server
    Install a valid Client config msi on the SGN Server and reboot the Windows Operating System once the new Client Config msi was installed. After rebooting you should see the SGN Server as a standard SGN client computer object within the SGN Management Center. The SGN Server will show you a minimal inventory output. This indicates that the Client Config is working and the SGN Server will work similar to a standard SGN client. This means that SGN policies are applied on the SGN Server as well.

    6. Creating new SGN group and apply SGN policy
    Create a new SGN group "ServerLogging" within the Management Center. Add the required SGN Server object to this group. Apply the two new policies (see steps 3 above) to the domain within the SGN Management Center. Remove the default authenticated users and authenticated computers object. Add the new SGN group "ServerLogging" as the only linked policy object. This way, the policies are only applied to the SGN servers being member of this group.

    7.Finishing implementation
    Reboot the Windows Operation System of the machine where the client config was applied. This way, a synchronization of the policies is triggered and the policies should be applied.

    Note: The above procedure can be used on an SGN Server, SGN Management Center or SGN WebHelpdesk.

    I hope that helps, but please let me know if you're still running into issues with this.

Unfiltered HTML