Account Lockout event not collected

Hi All,

we have SCOM 2012 SP1 with ACS installed on the same box. we uses account lockout report on monthly basis which is send to IT Control team. when we tried to get the report for the month of august it's giving data for july till 22nd. i did check the table which is used by ACS to store the events and observed that the table was not updated after 22nd for event id 4740(account lockout event). i have noticed that the DC has log for event ID 4740 after 22nd july. then after checked the configuration on ACS and found as below -

C:\Windows\System32\Security\AdtServer>AdtAdmin.exe /getquery
Current query: 'SELECT * FROM AdtsEvent WHERE NOT (EventId=4624 OR EventId=4634
OR EventId=4672 OR EventId=4776 OR EventId=4662 OR EventId=4768 OR EventId=4769
OR EventId=4932 OR EventId=4933 OR EventId=4931 OR EventId=5447 OR EventId=4770
OR EventId=4648 OR EventId=4944 OR EventId=4945 OR EventId=4946 OR EventId=4947
OR EventId=4948 OR EventId=4949 OR EventId=4950 OR EventId=4951 OR EventId=4952
OR EventId=4953 OR EventId=4954 OR EventId=4956 OR EventId=4957 OR EventId=4958
OR EventId=5050 OR EventId=4612 OR EventId=4615 OR EventId=4618 OR EventId=4816
OR EventId=5038 OR EventId=5056 OR EventId=5057 OR EventId=5060 OR EventId=5061
OR EventId=5062 OR EventId=4709 OR EventId=4710 OR EventId=4711 OR EventId=4712
OR EventId=5040 OR EventId=5041 OR EventId=5042 OR EventId=5043 OR EventId=5044
OR EventId=5045 OR EventId=5046 OR EventId=5047 OR EventId=5048 OR EventId=5440
OR EventId=5441 OR EventId=5442 OR EventId=5443 OR EventId=5444 OR EventId=5446
OR EventId=5448 OR EventId=5449 OR EventId=5450 OR EventId=5456 OR EventId=5457
OR EventId=5458 OR EventId=5459 OR EventId=5460 OR EventId=5461 OR EventId=5462
OR EventId=5463 OR EventId=5464 OR EventId=5465 OR EventId=5466 OR EventId=5467
OR EventId=5468 OR EventId=5471 OR EventId=5471 OR EventId=4615 OR EventId=4618
OR EventId=4816 OR EventId=5038 OR EventId=5056 OR EventId=5057 OR EventId=5060
OR EventId=5061 OR EventId=5062 OR EventId=4780 OR EventId=6144)'

can anyone help me to resolve the issue why the event ID 4740 not collected by ACS.

Rakesh Kumar

Account Lockout event not collected

Trending Articles

Practice Sheet of Right form of verbs for HSC Students

Download: FK ft Shenky – Nakuyewa ”Prod by: Shenky”

How to win at Markstrat (Markstrat Tips and Tricks) – Vodites

Ominde Commission Report and Recommendations – Ominde Report of 1964

Bureau of Internal Revenue: Regional Offices (Directory)

GO 53 on Enhancement of Ex-gratia upto 5 Lakhs Toddy Tappers in Telangana

Cakewalk CA-2A Leveling Amplifier v2.0.1.97 WiN, v2.0.1.96 OSX Incl Keygen

Mp3 Download: Mdu - Kunjenjenjena

How the kill the job , when DTP request running for long hours.

Microsoft Intune から展開しているアプリのアップデートについて

18-year-old girl was beaten for half an hour by two Northampton men in 'an...

Car crash in Dunton Bassett leaves driver in critical condition

Macky 2, Two Others In Road Accident

Application log 00000000000000089514: Could not convert queue DLVST90CLNT

Detroit mafia: D’Anna Brothers agree to plea deal

Delivery block field greyed out using VA02

Muloraki Au

【個人撮影】スマホのプライベート映像♪「中に出さないで///」カラオケ屋での生ハメ撮りが流出ｗ【リベンジポルノ】＠PornHub

BREAKING NEWS: Diamond Platnumz Is Reported Dead After Ghastly Car Accident

FIAT 500 B0111 B0112