NTEVL causing Journal wrap errors

Document ID : KB000033677
Last Modified Date : 14/02/2018
Show Technical Document Details
It was found the that client had NTEVL load on windows domain controllers.
The domain controllers were getting Journal warp errors
it was tracked down to the ntevl probe.

It was found that the ntevl probe was updating the location of the security file constantly
even though the security file was not setup in any profile.

To resolve this issue had to do the following:
Change the ntevel.cfg
from
<logs>
system = System
application = Application
security = Security
</logs>
to
<logs>
system = System
application = Application
</logs>


This changed the number of journal entries from 1 Million + a minute to 6000 entries per minute.
?