10-05-2022, 01:38 AM
I have a boatload of Errors win Windows Eventlog.
Many are the same and often a number of times within the same second.
When checking out an event, there is nothing to leads me to software or hardware. Meaning to say: there is name of hardware or software.
The only thing is some "GUID"
See below example.
Question: is there a way that leads me to the 'source' based on GUID ?
(I am not an expert)
Example:
Many Microsoft-Windows-StorPort 'Errors' - EventID 523
Event properties
-
- System
- Provider
[ Name] Microsoft-Windows-StorPort
[ Guid] {c4636a1e-7986-4646-bf10-7bc3b4a76e8e}
EventID 523
Version 3
Level 2
Task 201
Opcode 0
Keywords 0x800200000000080
- TimeCreated
[ SystemTime] 2022-10-05T04:21:09.4523839Z
EventRecordID 90132
Correlation
- Execution
[ ProcessID] 16560
[ ThreadID] 16564
Channel Microsoft-Windows-Storage-Storport/Operational
Computer DESKTOP-K5IEMOI
Security
- EventData
MiniportName storahci
MiniportEventId 37
MiniportEventDescription No device
PortNumber 0
AdapterGuid {6ebdae63-5e99-11e8-b5f5-806e6f6e6963}
PathID 255
TargetID 255
LUN 255
ClassDeviceGuid {00000000-0000-0000-0000-000000000000}
VendorId
ProductId
SerialNumber
BootDevice false
Irp 0xffff8e857acfadd0
Srb 0xffff8e85861a5280
Parameter1Name function
Parameter1Value 2
Parameter2Name srbFlags
Parameter2Value 192
Parameter3Name SrbStatus
Parameter3Value 8
Parameter4Name ThrottleCount
Parameter4Value 0
-
Thanks!
Many are the same and often a number of times within the same second.
When checking out an event, there is nothing to leads me to software or hardware. Meaning to say: there is name of hardware or software.
The only thing is some "GUID"
See below example.
Question: is there a way that leads me to the 'source' based on GUID ?
(I am not an expert)
Example:
Many Microsoft-Windows-StorPort 'Errors' - EventID 523
Event properties
-
- System
- Provider
[ Name] Microsoft-Windows-StorPort
[ Guid] {c4636a1e-7986-4646-bf10-7bc3b4a76e8e}
EventID 523
Version 3
Level 2
Task 201
Opcode 0
Keywords 0x800200000000080
- TimeCreated
[ SystemTime] 2022-10-05T04:21:09.4523839Z
EventRecordID 90132
Correlation
- Execution
[ ProcessID] 16560
[ ThreadID] 16564
Channel Microsoft-Windows-Storage-Storport/Operational
Computer DESKTOP-K5IEMOI
Security
- EventData
MiniportName storahci
MiniportEventId 37
MiniportEventDescription No device
PortNumber 0
AdapterGuid {6ebdae63-5e99-11e8-b5f5-806e6f6e6963}
PathID 255
TargetID 255
LUN 255
ClassDeviceGuid {00000000-0000-0000-0000-000000000000}
VendorId
ProductId
SerialNumber
BootDevice false
Irp 0xffff8e857acfadd0
Srb 0xffff8e85861a5280
Parameter1Name function
Parameter1Value 2
Parameter2Name srbFlags
Parameter2Value 192
Parameter3Name SrbStatus
Parameter3Value 8
Parameter4Name ThrottleCount
Parameter4Value 0
-
Thanks!