All Apps and Add-ons
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- EventCode="1000" Getting Application crashing even...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
EventCode="1000" Getting Application crashing events for App: splunk-winevtlog.exe for module: KERNELBASE.dll at Universal Forwarder with Exception code: 0xeeab5254
suneel_k
Explorer
10-07-2019
08:21 AM
TaskCategory=Application Crashing Events
OpCode=Info
RecordNumber=10753333
Keywords=Classic
Message=Faulting application name: splunk-winevtlog.exe, version: 1541.512.22661.47915, time stamp: 0x5885be60
Faulting module name: KERNELBASE.dll, version: 6.3.9600.19425, time stamp: 0x5d26b6e9
Exception code: 0xeeab5254
Fault offset: 0x000000000000908c
Faulting process id: 0x844c
Faulting application start time: 0x01d579ad6fa2ae81
Faulting application path: C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mykol_j
Communicator
12-08-2020
11:37 AM
Me too... almost every one of my Universal Forwarder clients, and yet, it's running and sending in logs...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
suneel_k
Explorer
10-07-2019
09:13 AM
After this Crash Error also getting (error) log with EventCode=1001, Details given below
LogName=Application
SourceName=Windows Error Reporting
EventCode=1001
EventType=4
Type=Information
ComputerName=xxxxxxxxxxxxxxxxxxxxxxxxxx
TaskCategory=The operation completed successfully.
OpCode=Info
RecordNumber=10753261
Keywords=Classic
Message=Fault bucket , type 0
Event Name: APPCRASH
Response: Not available
Cab Id: 0
Problem signature:
P1: splunk-winevtlog.exe
P2: 1541.512.22661.47915
P3: 5885be60
P4: KERNELBASE.dll
P5: 6.3.9600.19425
P6: 5d26b6e9
P7: eeab5254
P8: 000000000000908c
P9:
P10:
Attached files:
These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_splunk-winevtlog_7896c23e413c5d4ef2d6835430d3f6acbd6b3f_8cede047_b59a0a24
Analysis symbol:
Rechecking for solution: 0
Report Id: e543498a-e59d-11e9-8135-00505686288e
Report Status: 0
Hashed bucket:
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
dyolmc
Explorer
05-05-2020
05:52 AM
Did you ever figure why this was occurring? Noticing the same thing.
Get Updates on the Splunk Community!
Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!
What are Community Office Hours?Community Office Hours is an interactive 60-minute Zoom series where ...
It’s go time — Boston, here we come!
Are you ready to take your Splunk skills to the next level? Get set, because Splunk University is back, and ...
Performance Tuning the Platform, SPL2 Templates, and More New Articles on Splunk ...
Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...
