Sign in with
Sign up | Sign in
Your question

Can't Start Trace Log

Last response: in Windows XP
Share
Anonymous
November 6, 2004 4:53:21 AM

Archived from groups: microsoft.public.windowsxp.perform_maintain (More info?)

I'm using XP Pro SP2, and am trying to run a trace log to see which
processes are starting/stopping and when. However, I get the following when
I try to start the log:

Can't start trace log from Windows Kernel Trace provider
(event process creations/deletions). Error "The LOG_NAME
log or alert has not started. Refresh the log or alert
list to view current status, or see the application event
log for any errors. Some logs and alerts might require a
few minutes to start, especially if they include many
counters." In application event log appears this event:

Event Type: Warning
Event Source: SysmonLog
Event Category: None
Event ID: 2014
Date: 06.11.2004
Time: 01:33:43 User: N/A
Computer: DELL
Description:
Unable to start the trace session for the 1 trace log
configuration. The Kernel trace provider and some
application trace providers require Administrator
privileges in order to collect data. Use the Run As
option in the configuration application to log under an
Administrator account for these providers. System error
code returned is in the data.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 05 00 00 00 ....


I have no idea why this would happen. Also, the event states that I need to
have Admin rights. I AM using an account with Admin rights (although not the
Administrator account). Does anyone have a possible idea?

Thanks,
Mike

More about : start trace log

December 19, 2008 8:30:23 PM

you can modify the properties of the service called sysmonlog (short name)

1*
in a cmd window :
sc getdisplayname sysmonlog

read the long name (in fench: Journaux et alertes de performance)

2*
in the window "managing windows services" search your corresponding service then right click and choose Properties

3*
in the tab "connexion" (in french) choose the appropriate user which have authority to write the log

....
Related resources
!