• Management Pack:  SCOM 2016
  • MP Version:  1.0
  • Released:  10/19/2018
  • Publisher:  Microsoft

The System Center Data Access service is unable to write security audit events. Rule

  • ID:  Microsoft.SystemCenter.SDKService.UnableToGenerateAuditEvents.Alert
  • Description:  This rule generates an alert if the System Center Data Access service reports that it is unable to write security audit events to the security event log.
  • Target:  Collection Server
  • Enabled:  Yes

Overridable Parameters

Parameter Name Default Value Description Override
Priority 2  
Severity 2  

Run As Profiles

Name
Default

Alert Details

Message Priority Severity
The Data Access Service is unable to generate auditing events. High Critical

Rule Knowledgebase

Summary

The Data Access service is unable to log audit events to the security event log.

Causes

The failure may have happened due to insufficient user rights for the Data Access service account.

Resolutions

Steps to fix this problem: 1) Open the "Local Security Policy" MMC snap-in. 2) Go to Local Policies -> User Rights Assignment. 3) Double-click "Generate Security Audits". 4) Add the Data Access service account to the list of accounts allowed to generate security audits. 5) Restart the Data Access service.

External References
This rule does not contain any external references.

See Also for SCOM 2016 Management Pack


Downloads for SCOM 2016 Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED