[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

WindowsOS Defrag Start Event Id's needed

Posted on 2013-12-03
5
Medium Priority
?
704 Views
Last Modified: 2014-04-16
Hello

I am creating a monitor in a 3rd party application, It needs to trigger on Any Windows Operating system when a defrag is started so i can alert myself for further action.

I have found Event ID: 258 Source: Microsoft-Windows-Defrag and have searched for other ID's with that source but have found none that are useful.

This ID just shows analysis.

Any one know?



Source: Microsoft-Windows-Defrag
Type: Information
Description:
The disk defragmenter successfully completed analysis on (C:)
0
Comment
Question by:Benlton IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39694496
You can use task scheduler to trigger an application when an event occurs

To setup these tasks within the Task Scheduler, the actions are much easier. You simply right-click on the Event Viewer Tasks node, then select either “Create Basic Task” or “Create Task”. Both options will associate tasks to the Event Viewer. It is clear that the Basic Task is much easier, but the standard Task provides ultimate control over what you want to pivot upon.

Please refer :http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Attaching-Tasks-Event-Viewer-Logs-Events.html
0
 
LVL 1

Author Comment

by:Benlton IT
ID: 39696526
This solution will not get the desired result.

What i need is, when some one starts a defrag on example a server or even a defrag kicks of automatically. I need to be able to capture this event.

Is there an Event Id when a Windows defrag is started?

I have the below setup.
3rd Party Monitoring Software runs on a Server, It can create monitors on Event Id's, performance counters etc.

Once the monitor captures the Event Id for the start of a defrag, i can get it to alert me.

Problem is i cannot find a Event ID when a defrag is started.

There might be another way apart from Event Id i can use? See Picture attached.
Capture.JPG
0
 
LVL 56

Expert Comment

by:McKnife
ID: 39696690
Simply use task scheduler and locate the defrag task and modify it so that it won't only do a defrag but also inform you.
0
 
LVL 1

Author Comment

by:Benlton IT
ID: 39704626
That defrag task is for scheduled defrags.

I need to be alerted when some one manually tries to do a defrag.

And i don't want to be alerted via task scheduler, i want to be alerted through my monitoring software installed on the server so i need an event id or performance monitor relating to the manual start of a defrag.
0
 
LVL 56

Accepted Solution

by:
McKnife earned 2000 total points
ID: 39741754
...back from vacation...

Hi. You could setup ntfs-auditing for dfrgui.exe which is used for interactive defrags. That way, an event would be created and you could attach a mailing action to that event - mission accomplished.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many admins will agree: WSUS is is a nice invention but using it on the client side when updating a newly installed computer is still time consuming as you have to do several reboots and furthermore, the procedure of installing updates, rebooting an…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question