We're running enVision 4.0 SP4 Patch 3. For Windows collection, we are on content 2.0. The most recent Windows ESU we have installed is from April 2011.
We collect MSSQL server logs from both Windows 2003 and Windows 2008 servers. The MSSQL logs collected from the Windows 2008 servers are all undefined and don't parse.
The message header is %NICWIN-4-Application_18453_MSSQLSERVER
I mean, like, half of the messages coming from these servers are Windows Application logs, but they're undefined. For one server, in the last hour it generated 130,000 messages, and 65,000 of them are undefined, and have the header above in them.
- Does anyone know if by now, November 2011, these Windows 2008 MSSQL server messages are defined and parse?