Aug 22 2022 03:12 PM
Hello,
We are rolling out KB5005292 on our 2016 servers and so far tests servers we used lost Sense event viewer logs.
Trying to get it from powershell with the following command line :
Get-WinEvent -FilterHashtable @{ProviderName="Microsoft-Windows-Sense" ;ID=1}
Generate the following result :
Checking Kernel-EventTracing we get the following :
One interesting thing is a new registry key was discovered on those devices :
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\
Comparing with servers on 10.8048.22439.1065 those keys are new.
Anyone faced the same issues?
Aug 23 2022 02:18 AM
One interesting thing, we can reproduce only on machine which have been manually upgraded with the executable downloaded from the Microsoft Catalog.
If the upgrade is installed through WU, it's working fine.