Analyze
=========
記錄檔名稱:
Operations Manager
來源:
Health Service Modules
事件識別碼: 26004
描述:
Windows
事件記錄檔提供者仍然無法開啟電腦 'Jimmy.Lin.com'
上的
Microsoft-Windows-Kernel-Power/Diagnostic 事件記錄檔。 提供者已有 720 秒無法開啟
Microsoft-Windows-Kernel-Power/Diagnostic 事件記錄檔。
最近的錯誤詳細資料: 不支援這個要求。
此錯誤將影響一個或多個工作流程。
工作流程名稱: MomUIGeneratedRule0923801817d8486087b51b5b2ea88ffe
執行個體名稱: Jimmy.Lin.com
管理群組: JIMMYSCOM
Action
Plan
============
Use
operationsManager
select
distinct
r.RuleID,
r.RuleName,
lt.ElementName,
lt.LTValue,
r.ManagementPackId,
mp.MPFriendlyName
from
rules r
join
LocalizedText lt on lt.LTStringID = r.RuleID
join
ManagementPack mp on mp.ManagementPackID = r.ManagementPackID
where
rulename like 'MomUIGeneratedRule0923801817d8486087b51b5b2ea88ffe'
Query
Result
============
F78E3663-DAA1-C7A4-2F4C-1581C8100770
Use
Powershell to query this rule or monitor
PS
C:\> get-scomrule | where{$_.id -eq
"F78E3663-DAA1-C7A4-2F4C-1581C8100770"} |fl
HasNonCategoryOverride
: False
Enabled
: true
Target
: ManagementPackElementUniqueIdentifier=118c0f18-7a70-5f
57-3a9b-eeaf1705b3fc
ConfirmDelivery
: True
Remotable
: True
Priority
: Normal
DiscardLevel
: 100
Category
:
Alert
ConditionDetection
:
DataSourceCollection
: {DS}
WriteActionCollection
: {Alert}
XmlTag
: Rule
ManagementGroup
: JIMMYSCOM
ManagementGroupId
: 608bddca-c037-ec6b-679f-e28e00b6682e
Identifier
: 1|jimmypolicy|1.0.0.0|MomUIGeneratedRule0923801817d848
6087b51b5b2ea88ffe||
Name
: MomUIGeneratedRule0923801817d8486087b51b5b2ea88ffe
Id
: f78e3663-daa1-c7a4-2f4c-1581c8100770
DisplayName
: Kernel-Power - System Shutdown
<---custom rule
Description
:
LanguageCode
: CHT
Comment
:
Status
: Unchanged
InstanceName
:
ManagementPackName
: jimmypolicy
Sealed
: False
ManagementPack
: [jimmypolicy]
Solution
==========
Delete customer rule Kernel-Power - System Shutdown
沒有留言:
張貼留言