"The Event Log File Is Corrupt" Error Message When Opening an Event Log File (255861)
The information in this article applies to:
- Microsoft BackOffice Small Business Server 4.0
- Microsoft BackOffice Small Business Server 4.0a
- Microsoft BackOffice Small Business Server 4.5
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Server 4.0
This article was previously published under Q255861 SYMPTOMS
When you try to open an event log file that was copied from the original file while the Event Log service was running, you may receive the following error message:
The event log file is corrupt.
If you open event log files sent in e-mail using the Server Status tool in Small Business Server (SBS), you may also receive the same error message.
CAUSE
This behavior occurs because the Event Log service has an open handle to the *.evt file.
RESOLUTION
To work around this issue, use any of the following methods:
- Open event log files using the Open command on the Log menu if you saved the files using the Event Viewer Save As command on the Log menu.
- Make copies of the original event log files without using the Save As command if the Event Log service is disabled:
- Set the Event Log service to disabled, and then restart the computer.
- Copy the *.evt file(s) to another folder or computer. Event Viewer does not start until the Event Log service is started.
- Set the startup value for the Event Log service back to automatic, and then start the service.
- Use the Dumpel.exe resource kit tool to dump the event logs into a text file while the Event Log service is running (for example, dumpel.exe -f system.out -l system).
REFERENCESFor additional information, click the article number below
to view the article in the Microsoft Knowledge Base:
206848 Windows NT Service Pack 4.0 Tools Not Included on CD-ROM
| Modification Type: | Major | Last Reviewed: | 5/13/2003 |
|---|
| Keywords: | kberrmsg kbprb KB255861 |
|---|
|