Request trial
Request Trial

NXLOG service keep on stopping every few days

Tags:
#1 SBehta

Hi, I have updated the NXLOG installation to version 2.10.2150 hoping that it will fix my issue. I have NXlogs installed on 6 servers and they are work fine except one server. Thi sis afile server so there are no application installed on it. On this server I get the following errors. When I manually restart the NXLOG service everything runs fine for few days and then NXLOG stops reporting logs. I appreciate assistance in trying to resolve this issue.

The log file located at C:\Program Files (x86)\nxlog\data contains this:

2019-05-07 10:23:44 INFO nxlog-ce-2.10.2150 started 2019-05-10 06:35:36 ERROR EvtNext failed with error 15007: The specified channel could not be found. Check channel configuration.
2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='246'><Select Path='Microsoft-WindowsAzure-Diagnostics/Bootstrapper'></Select></Query> 2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='247'><Select Path='Microsoft-WindowsAzure-Diagnostics/Heartbeat'></Select></Query> 2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='248'><Select Path='Microsoft-WindowsAzure-Diagnostics/Runtime'></Select></Query> 2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='249'><Select Path='Microsoft-WindowsAzure-Status/GuestAgent'></Select></Query> 2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='250'><Select Path='Microsoft-WindowsAzure-Status/Plugins'>*</Select></Query> 2019-05-10 06:35:43 ERROR EvtNext failed with error 1722: The RPC server is unavailable.
2019-05-10 06:35:43 ERROR Failed to query available channels; The RPC server is unavailable.
2019-05-12 08:31:07 WARNING received a system shutdown request 2019-05-12 08:31:07 WARNING stopping nxlog service 2019-05-12 08:31:07 WARNING nxlog-ce received a termination request signal, exiting... 2019-05-12 08:31:58 INFO nxlog-ce-2.10.2150 started 2019-05-12 08:32:07 WARNING Due to a limitation in the Windows EventLog subsystem, a query cannot contain more than 256 sources. 2019-05-12 08:32:07 WARNING The following sources are omitted to avoid exceeding the limit in the generated query: WitnessClientAdmin

Permalink
#2 b0ti Nxlog ✓
#1 SBehta
Hi, I have updated the NXLOG installation to version 2.10.2150 hoping that it will fix my issue. I have NXlogs installed on 6 servers and they are work fine except one server. Thi sis afile server so there are no application installed on it. On this server I get the following errors. When I manually restart the NXLOG service everything runs fine for few days and then NXLOG stops reporting logs. I appreciate assistance in trying to resolve this issue. The log file located at C:\Program Files (x86)\nxlog\data contains this: 2019-05-07 10:23:44 INFO nxlog-ce-2.10.2150 started 2019-05-10 06:35:36 ERROR EvtNext failed with error 15007: The specified channel could not be found. Check channel configuration. 2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='246'><Select Path='Microsoft-WindowsAzure-Diagnostics/Bootstrapper'></Select></Query> 2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='247'><Select Path='Microsoft-WindowsAzure-Diagnostics/Heartbeat'></Select></Query> 2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='248'><Select Path='Microsoft-WindowsAzure-Diagnostics/Runtime'></Select></Query> 2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='249'><Select Path='Microsoft-WindowsAzure-Status/GuestAgent'></Select></Query> 2019-05-10 06:35:37 WARNING ignoring source as it cannot be subscribed to (error code: 15007): <Query Id='250'><Select Path='Microsoft-WindowsAzure-Status/Plugins'>*</Select></Query> 2019-05-10 06:35:43 ERROR EvtNext failed with error 1722: The RPC server is unavailable. 2019-05-10 06:35:43 ERROR Failed to query available channels; The RPC server is unavailable. 2019-05-12 08:31:07 WARNING received a system shutdown request 2019-05-12 08:31:07 WARNING stopping nxlog service 2019-05-12 08:31:07 WARNING nxlog-ce received a termination request signal, exiting... 2019-05-12 08:31:58 INFO nxlog-ce-2.10.2150 started 2019-05-12 08:32:07 WARNING Due to a limitation in the Windows EventLog subsystem, a query cannot contain more than 256 sources. 2019-05-12 08:32:07 WARNING The following sources are omitted to avoid exceeding the limit in the generated query: WitnessClientAdmin

I think the event source disappears while NXLog is running which is usually caused by the application being removed.
The NXLog Enterprise Edition should handle this situation better. In addition it supports the TolerateQueryErrors option which could further help.
Login to see more

Subscribe to our newsletter to get the latest updates, news, and products releases.

© Copyright 2024 NXLog Ltd.

PRIVACY POLICY GENERAL TERMS OF BUSINESS