SQL Server Agent was unable to open the local event log.
SQL Server Agent was unable to open the local event log.
Note that this rule does not work if SQL Server on Windows instance is monitored agentlessly.
Upgrade to the latest service pack. If the error persists, contact Microsoft Customer Service and Support.
Name | Description | Default Value |
Allow Proxying | Specifies whether the module should collect events that do not originate from the computer that is specified in the ComputerName parameter. | No |
Enabled | Enables or disables the workflow. | Yes |
Priority | Defines Alert Priority. | 1 |
Severity | Defines Alert Severity. | 1 |
Target | Microsoft.SQLServer.Windows.Agent | ||
Category | EventCollection | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | Warning | ||
Alert Priority | Normal | ||
Remotable | True | ||
Alert Message |
| ||
Comment | Mom2017ID='{47214F8C-6FAD-4DEA-AB7B-1F9841768B6A}';MOM2017GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74} |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
_F6DA1507_12AF_11D3_AB21_00A0C98620CE_ | DataSource | Microsoft.SQLServer.Windows.EventProvider | Default |
GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
<Rule ID="Microsoft.SQLServer.Windows.CollectionRule.Agent.Unable_to_re_open_the_local_eventlog_1_5_Rule" Target="SqlDiscW!Microsoft.SQLServer.Windows.Agent" Enabled="true" ConfirmDelivery="true" Remotable="true" Comment="Mom2017ID='{47214F8C-6FAD-4DEA-AB7B-1F9841768B6A}';MOM2017GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74}">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="_F6DA1507_12AF_11D3_AB21_00A0C98620CE_" Comment="{F6DA1507-12AF-11D3-AB21-00A0C98620CE}" TypeID="Microsoft.SQLServer.Windows.EventProvider">
<ComputerName>$Target/Property[Type="SqlDiscW!Microsoft.SQLServer.Windows.Agent"]/ComputerName$</ComputerName>
<LogName>Application</LogName>
<AllowProxying>false</AllowProxying>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>Channel</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>Application</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>313</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>$Target/Property[Type="SqlDiscW!Microsoft.SQLServer.Windows.Agent"]/ServiceName$</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="GenerateAlert" TypeID="Health!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>1</Severity>
<AlertMessageId>$MPElement[Name="Microsoft.SQLServer.Windows.CollectionRule.Agent.Unable_to_re_open_the_local_eventlog_1_5_Rule.AlertMessage"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Target/Host/Property[Type="SqlCoreLib!Microsoft.SQLServer.Core.DBEngine"]/MachineName$</AlertParameter1>
<AlertParameter2>$Target/Host/Property[Type="SqlCoreLib!Microsoft.SQLServer.Core.DBEngine"]/InstanceName$</AlertParameter2>
<AlertParameter3>$Data/EventDisplayNumber$</AlertParameter3>
</AlertParameters>
<Suppression>
<SuppressionValue/>
</Suppression>
</WriteAction>
</WriteActions>
</Rule>