PingSentry   |   Blog   |   System32   |   GitHub   |   Free tools

Why are events not formatted correctly, even though they show up correctly with the built-in Windows Event Viewer?

Article ID: 159
Category: Event Log Monitoring
Applies to: 2.81
Updated: 2022-06-07

Some events that are processed by EventSentry are not formatted correctly, even though they show up correctly with the built-in Windows Event Viewer. This seems to affect mostly events that are generated by Windows itself (e.g. DNS, Windows Backup, etc). Those events seem to only contain parts of the event, most strings and descriptions are missing.

This is a known problem on 64-bit editions of Windows (e.g. Windows Server 2003 64-bit edition) with all versions of EventSentry up to version 2.81.

Since EventSentry runs as a 32-bit process, all attempts to access the message file DLL in the SYSTEM32 directory of Windows, are redirected to the SysWOW64 directory instead, which in most cases does either not contain the necessary file or does not contain the necessary message resource.

Upgrading to version 2.90, when available, will resolve this problem.

Links:


Support Resources

Knowledge Base Knowledge Base
Documentation Documentation
Screenshot Screencasts
Blog Blog

Contact Support

Phone 1-877-NETIKUS
Email support@netikus.net