App Layering: Splunk installed in a layer can cause Event ID 3 from unifltr in the Windows System event log

This is a special case of CTX221726. Looking in the Windows System event log, you see multiple events like this:

User-added image

Log Name: System

Source: unifltr

Date: 3/24/2018 12:39:50 PM

Event ID: 3

Task Category: None

Level: Error

Keywords: Classic

User: N/A

Computer: ————–

Description:

Unidesk denied an attempt to rename a directory from one of the read only portions of the file system. Please see the Unidesk Administrator for help.

Examining C:Program FilesUnideskUniserviceLogLog0.txt, you see a line like this for each Event ID 3:

[03/28/2018][15:03:37:469] Error Detail Data Length 4 Path DeviceHarddiskVolume1Program FilesSplunkUniversalForwardervarlibsplunkfishbucketsplunk_private_dbsnapshot Offset 0xfffdd6e4 Rename of a directory denied Status 0xc0000022

Sumitomo Mitsui Financial Group Joins the Open Invention Network Community
Is this still a valid approach with later versions of ICN, Sync, NMO,…?
Building an MS-DFS environment containing NSS4AD volumes and making it available through Filr
Mailings from our servers and containing some text blocked
SOLVE PROBLEMS BEFORE YOU HAVE TO SEARCH FOR THE SOLUTIONS

App Layering: Splunk installed in a layer can cause Event ID 3 from unifltr in the Windows System event log

Related:

Leave a Reply Cancel reply

Links