'Failed to open audit event' message shown when using Enterprise Console with Auditing enabled

  • N.º del artículo: 119039
  • Actualizado: 12 mar 2013

Issue

When performing actions in Enterprise Console with 'Auditing' enabled the following error message is displayed.

Failed to open audit event
----- [outer exception] -----
-- error: 0x829E0033
-- facility: Sophos Management Service Exception
-- source: struct ISMT_Threats

[Stack Trace Follows]

Note: the source may also be:

-- source: struct ISMT_Errors

First seen in

Enterprise Console 5.2.0

Cause

Under certain SQL Server language settings, the auditing of certain events can generate exceptions which cause Enterprise Console to close.

What To Do

A SQL file has been created to remove the dependency on any particular language setting.  To apply the fix, perform the following steps.

Note:  It is strongly recommended that you take a backup of the 'SophosSecurity' database prior to updating it.  For details on how to do this see article: 110380.

On the Sophos Management Server computer:

  1. Close Enterprise Console if open.
  2. Stop the service: 'Sophos Management Service'.

On the computer hosting the Sophos database:

Note
: If you are unsure which computer this is see article 113030.

  1. Download the file SEC88637.txt , rename it from SEC88637.txt to SEC88637.sql and save to a location such as 'C:\windows\temp\SEC88637.sql'.
  2. In an administrative command prompt run the following command:
    sqlcmd -E -S (local)\SOPHOS -i C:\windows\temp\SEC88637.sql

    Where:
    (local\SOPHOS) represents a local SOPHOS named SQL Server instance.  For more information on determining the value you may require if it is not a default installation, see article 113030.

On the Sophos Management Server computer:

  1. Start the service: 'Sophos Management Service'.
  2. Open Enterprise Console and confirm that performing the last action that failed now completes.


Technical Information

The SQL file updates the following three stored procedures in the SophosSecurity database:

  • [dbo].[ThreatEntitiesSync]
  • [dbo].[ErrorEntitiesSync]
  • [dbo].[TargetEntitiesSync_Computers]

to ensure that time conversions are carried out correctly.


 
Si necesita más ayuda, póngase en contacto con soporte técnico.

Valore el artículo

Muy malo Excelente

Comentarios