[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] Win2k-SP3
|
From: |
Brad Campbell |
|
Subject: |
[Qemu-devel] Win2k-SP3 |
|
Date: |
Mon, 21 Jun 2004 12:46:05 +0400 |
|
User-agent: |
Mozilla Thunderbird 0.6+ (X11/20040602) |
G'day all,
The latest changes to QEMU-CVS have made the installation phase much quicker.
The hardware detection seems more reliable and moves through faster, but there is still the issue of
the disk full messages.
Now I loopback mounted the entire NTFS filesystem and copied all 2.9GB of log files from the
WINNT\security directory onto another drive for examination.
I now have 2751 log files to examine. edb.log -> edb00A05.log.
I tried copying some of them to a win2k box and loading them with event viewer
to no avail.
Using "less" I can see that the files contain some information but I can't seem to make any sense
from it. I can see some form of filenames and paths, but nothing I can make sense of.
Strings is not helpful here apparently as the strings output on any of the
files is below :-
srv:/raid0/tmp/security# strings edb00A05.log
C:\WINNT\Security\
C:\WINNT\Security\
C:\WINNT\Security\Database\secedit.sdb
srv:/raid0/tmp/security#
Does anyone know what I can use to extract some information from these files?
Incidentally, the entire 2.9GB of log files compressed with gzip comes to 3.3MB.
I have put the whole shebang at http://www.wasp.net.au/~brad/win2k-logs.tgz if anyone is interested
in having a look.
I assume it simply stops writing to the logs when the disk reaches a certain state of fill as it
appears to happen in a simplar fashion no matter what the drive size.
Regards,
Brad
- [Qemu-devel] Win2k-SP3,
Brad Campbell <=