TechQA.

No events registered with SemanticLogging service on single server

378 views Asked by At

I'm trying to get SemanticLogging-svc.exe from the Enterprise Library Semantic Logging Application Block to listen to events for my custom event source and dump them to console.

This works fine for my localhost and for a development server, but I don't get any output for a production server. So I'm looking for answers as to why that might be.

The console output is simply:

Event Trace Session prefix: Microsoft-SemanticLogging-Etw

Sink name: ConsoleEventSink
Event sources:
Name: b3b81ce4-1cb6-512c-f02f-46aefff0344d
INNOMATE-HR-Security, Level: LogAlways, MatchAnyKeyword: None

Service started.

My SemanticLogging-svc.xml looks like this:

<?xml version="1.0" encoding="utf-8" ?>
<configuration xmlns="http://schemas.microsoft.com/practices/2013/entlib/semanticlogging/etw"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://schemas.microsoft.com/practices/2013/entlib/semanticlogging/etw SemanticLogging-svc.xsd">
  <traceEventService/>
  <sinks>
    <consoleSink name="ConsoleEventSink">
      <sources>
        <eventSource name="INNOMATE-HR-Security" level="LogAlways"/>
      </sources>
      <eventTextFormatter header="+=========================================+"/>
    </consoleSink>
  </sinks>
</configuration>

There are no events in the Windows Event Log.

I've also tried with a rollingFlatFileSink. This results in an empty file on the production server, but works on the other systems.

Looking in PerfMon > Data Collector Sets > Event Trace Sessions, I see that Microsoft-SemanticLogging-Etw-ConsoleEventSink is running.

Using PerfView, my events are collected correctly.

The server in question is an older one, running Windows Server 2008 R2.

Is there some setting I'm missing, or does anyone have another explanation of why this isn't working?

Thanks in advance.

c# enterprise-library etw semantic-logging slab
Original Q&A
1

There are 1 answers

7
Attila Cseh On

It seems the identity of the SemanticLogging-svc service does not have the required permissions to create an ETW session, register a provider or read events from an ETW session.

Add the identity of the SemanticLogging-svc service instance to the Performance Log Users Windows group.

Have you tried running the SemanticLogging-svc service with the same account you had used for PerfView or with administrator privileges?

Related Questions in C#

Related Questions in ENTERPRISE-LIBRARY

Related Questions in ETW

Related Questions in SEMANTIC-LOGGING

Related Questions in SLAB

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions