RSA Admin

Adding Window Event log

Discussion created by RSA Admin Employee on Oct 8, 2010

I am attempting to read in a new windows event log, but I am getting the error message "Failed to get Handle:"  I am attempting to add a couple other logs off of a windows server 2003 system, these message is off of a windows XP system.  It is the same result for both logs. 

 

Has anyone seen this before and if so is there a resolution?

Example message from the NIC system log.

732010/10/01 14:37:58.046 CDT192.168.2.199%NIC-3-606327: AgentlessWindows, Agentless Windows Process, -, -, -, -, Detail: 4756: 172.23.1.68, Internet Explorer: Failed to get handle: GetLogHandle(Microsoft Windows XP, Internet Explorer)

Outcomes