• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 914
  • Last Modified:

How do I stop evntagnt.log getting huge?

We have an HP Proliant DL380 G4 running SBS2003 Premium.  No problems with it apart from the fact that the file:

C:\hp\logs\evntagnt.log

gets larger by about 15Kb every few seconds - so after a while it gets pretty big (20GB last time I checked).

I've figured out how to remove it - stop the following services:

SNMP Service
HP Insight Foundation Agents
HP Insight Storage Agents
HP Insight Server Agents
HP Insight NIC Agents

... and then simply delete the file.

Question is, how can I stop it getting so big, or even stop it being created at all?  I can't see it serving any purpose.  Here's a sample of what's in it:

01/07/2010 15:54:16 SnmpEvLogProc: END OF FILE of event log is reached
01/07/2010 15:54:16 SnmpEvLogProc: Event detected log record written for Internet Explorer - 4 - 00095190
01/07/2010 15:54:16 SnmpEvLogProc: Log event buffer is at address 000CC990
01/07/2010 15:54:16 SnmpEvLogProc: Reading log event for handle 00095190
01/07/2010 15:54:16 SnmpEvLogProc: END OF FILE of event log is reached
01/07/2010 15:54:16 SnmpEvLogProc: Event detected log record written for Microsoft-Windows-Forwarding/Operational - 5 - 00096BF0
01/07/2010 15:54:16 SnmpEvLogProc: Log event buffer is at address 000CC990
01/07/2010 15:54:16 SnmpEvLogProc: Reading log event for handle 00096BF0
01/07/2010 15:54:16 SnmpEvLogProc: END OF FILE of event log is reached
01/07/2010 15:54:16 SnmpEvLogProc: Event detected log record written for MSCRMExRouter - 6 - 00096E30
01/07/2010 15:54:16 SnmpEvLogProc: Log event buffer is at address 000CC990
01/07/2010 15:54:16 SnmpEvLogProc: Reading log event for handle 00096E30
01/07/2010 15:54:16 SnmpEvLogProc: END OF FILE of event log is reached
01/07/2010 15:54:16 SnmpEvLogProc: Event detected log record written for Security - 7 - 00096FA0
01/07/2010 15:54:16 SnmpEvLogProc: Log event buffer is at address 000CC990
01/07/2010 15:54:16 SnmpEvLogProc: Reading log event for handle 00096FA0
01/07/2010 15:54:16 SnmpEvLogProc: END OF FILE of event log is reached
01/07/2010 15:54:16 SnmpEvLogProc: Waiting for event to occur
01/07/2010 15:54:16 SnmpEvLogProc: Normal event wait in progress
01/07/2010 15:54:16 SnmpEvLogProc: Event handle 0 is 00000230
01/07/2010 15:54:16 SnmpEvLogProc: Event handle 1 is 0000023C
01/07/2010 15:54:16 SnmpEvLogProc: Event handle 2 is 00000240
01/07/2010 15:54:16 SnmpEvLogProc: Event handle 3 is 00000244

Thanks in advance!
0
David Haycox
Asked:
David Haycox
  • 2
  • 2
1 Solution
 
andyalderSaggar makers bottom knockerCommented:
Any values in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SNMP_
EVENTS\EventLog\Parameters ?
0
 
David HaycoxAuthor Commented:
Yes indeed, is this what you're looking for:

TraceFileName         REG_SZ          c:\hp\logs\evntagnt.log ?

Do I just delete it?
0
 
andyalderSaggar makers bottom knockerCommented:
There should also be a TraceLevel reg DWORD set to 32 (I think 32 means no logging) see http://support.microsoft.com/kb/889082/en-us and http://support.microsoft.com/kb/832790/en-us .
0
 
David HaycoxAuthor Commented:
Great answer, pretty sure that's the second time you've helped me out!

In fact either solution (deleting the TraceFileName key or setting the TraceLevel to 32 (decimal) works a treat.
0

Featured Post

Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now