6643 – net eventlog dump does not work

Bug 6643 - net eventlog dump does not work

Summary: net eventlog dump does not work

Status:	ASSIGNED

Alias:	None

Product:	Samba 3.4
Classification:	Unclassified
Component:	Client Tools (show other bugs)
Version:	3.4.0
Hardware:	x86 Linux

Importance:	P3 minor
Target Milestone:	---
Assignee:	Guenther Deschner
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-08-18 07:23 UTC by TAKAHASHI Motonobu
Modified:	2009-08-20 08:09 UTC (History)
CC List:	0 users

See Also:

Attachments
Level 10 log (6.93 KB, text/plain) 2009-08-18 07:26 UTC, TAKAHASHI Motonobu	no flags	Details
My eventlog file (115.21 KB, application/octet-stream) 2009-08-18 07:28 UTC, TAKAHASHI Motonobu	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description TAKAHASHI Motonobu 2009-08-18 07:23:53 UTC

net eventlog dump does not work with EVT files created by (at least) Windows XP.
As far as I examined "net eventlog dump" works with EVT files from Samba, create by " net eventlog export" command.

The file attached is the commandline output: 

net -s /dev/null -d10 eventlog dump /tmp/en-system.evt 2>&1 | tee  net-eventlog-dump.txt

en-system.evt is an exported EVT file from Windows XP (english version).

Comment 1 TAKAHASHI Motonobu 2009-08-18 07:26:48 UTC

Created attachment 4567 [details]
Level 10 log

Comment 2 TAKAHASHI Motonobu 2009-08-18 07:28:07 UTC

Created attachment 4568 [details]
My eventlog file

Comment 3 Guenther Deschner 2009-08-20 08:09:20 UTC

Ok, we (still) fail to parse the Pad field inside the EVENTLOGRECORD correctly. Fix will be probably not too hard.