Version

Argent for Compliance 3.1A-1401-A or below

Date

Monday, 13 Jan 2014

Summary

Windows event records should always have positive Event ID

But some buggy code from third-party vendors may generate event with an invalid Event ID of ‘0‘

When it is viewed in Event Log Viewer, message may be displayed as following:

When Argent for Compliance reads the same event, it returns empty message ‘None‘

The test result may look like following:

Click For Full Size

Technical Background

Argent for Compliance 3.1A-1401-B has been enhanced to compose a substitute message using insertion strings

Resolution

Upgrade to Argent AT 3.1A-1401-B or later