Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
sccm parser very slow to process unsupported sccm log files (/Windows/CCM/Logs/*.log)
See original GitHub issueDescription of problem:
Multiple workers hang with 100% CPU when using SCCM parser on log files in /windows/CCM/Logs/ directory.
Command line and arguments:
/usr/bin/python /usr/bin/log2timeline.py --single-process --debug /data/out.dump /mnt/Windows/CCM/Logs
Source data:
File has been sent to joachim via email
Plaso version:
20180630
Operating system Plaso is running on:
Arch Linux docker container
Installation method:
docker latest
Debug output/tracebacks:
2018-07-13 12:20:00,898 [DEBUG] (MainProcess) PID:8 <extractors> [ParseFileEntryWithParsers] parsing file: OS:/mnt/Windows/CCM/Logs/AssetAdvisor-20180115-090826.log with parser: pls_recall
2018-07-13 12:20:00,898 [DEBUG] (MainProcess) PID:8 <extractors> pls_recall unable to parse file: OS:/mnt/Windows/CCM/Logs/AssetAdvisor-20180115-090826.log with error: Verification of first record failed.
2018-07-13 12:20:00,898 [DEBUG] (MainProcess) PID:8 <extractors> [ParseFileEntryWithParsers] parsing file: OS:/mnt/Windows/CCM/Logs/AssetAdvisor-20180115-090826.log with parser: sccm
^C^C^C
Issue Analytics
- State:
- Created 5 years ago
- Comments:17 (10 by maintainers)
Top Results From Across the Web
Log file reference - Configuration Manager - Microsoft Learn
A reference of all log files for Configuration Manager client, server, and dependent components.
Read more >SCCM Log Files | ConfigMgr Log Files | MEMCM Log Files
The SCCM server log files are located in DRIVE-Letter:\Program Files\Microsoft Configuration Manager\Logs. Table of Contents. SCCM Log File ...
Read more >PowerShell function that super simplifies getting the right ...
The solution to the "I don't know which SCCM log should I open?" question. ... C:\Windows\CCM\Logs (SCCM client processing logs) ...
Read more >Read CMLogs with Powershell and Hello World!
As a ConfigMgr admin I have used CMTrace for many years but I recently had the need to get some data from the...
Read more >MEMCM Logs – Where Are My Log Files? - Recast Software
In my case it is C:\Windows\CCM\Logs. Site Servers. Configuration Manager Logs. Site server (normally primary site or CAS) log files are ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Assigning to @joachimmetz since he has the files causing the issue.
Thanks for your hard work guys, I really appreciate the plaso project. Unfortunately I cannot really contribute in terms of code, but maybe in future issues. Thank you.