Server Maintenance Tip: Exchange 2010 Event Logs

  • calender Image October 01, 2011
  • Posted By Eric Schlissel
Blog Image

Here’s a brief introduction to the Exchange 2010 Event Logs. If you haven’t already so, be sure to check out Windows 2008 Event Log post as well. Combing the event
logs should be part of your daily system checks as an IT Professional.
First go to Administrative Tools on a Windows Server and open Event Viewer. There are many categories in the Event Viewer depending on what is installed on your server. We will focus on Application and System for now.

[activecampaign form=85]

There are 3 types of events, Informational, Warning and Error for each category. Below are some important examples to be aware of in the Informational and Error catagories.

Most of the time the Information events are things to be aware of, but do not require action. An example of an Information event from the Application Log is Event ID 2080. This is a very important Event. It indicates that the Exchange 2010 is able to contact and communicate with a Domain Controller on the network. The Microsoft Exchange Active Directory Topology Service is responsible for checking in on Domain
Controller availability. You can see particular service if you open Administrative Tools and Services. If Exchange cannot contact a Domain Controller than services begins to fail and mail flow stops and this Error will appear in the Application Log Event ID 2104. Topology discovery failed…. That means it’s time to act, as is the case with most Errors in the Event Log. Check to make sure that the Domain Controller is powered on, if it is on, can you ping it from the Exchange Server, possibly restart the Topology Service and see if the error logs again. There are many more potential troubleshooting techniques for this such as a checking DNS resolution or has there been an IP change as well among the many.

Another useful Error in the System Log to be aware of is Event ID 7022. This error lets you know when a service failed to start and what service it is; it is most commonly seen after a reboot or an application crash. In this case it is the Exchange Transport Service. The next move is to go to Administrative Tools/Service and attempt to manually start it. If it does not immediately start backup check for other dependencies that are required to be running and possibly log in accounts/passwords that are set up in the Service Properties.

These are just a few among many Events from an Exchange 2010 Server Event Viewer. To be an effective IT Professional you must know your environment; be aware of what services are installed on your network and what systems they reside on. Look at the logs each day to know what is going on within the environment. It’s all right there at your finger tips.

Exchange 2010

Server Maintenance Tip: Exchange 2010 Event Logs

Here’s a brief introduction to the Exchange 2010 Event Logs. If you haven’t already so, be sure to check out Windows 2008 Event Log post as well. Combing the event
logs should be part of your daily system checks as an IT Professional.
First go to Administrative Tools on a Windows Server and open Event Viewer. There are many categories in the Event Viewer depending on what is installed on your server. We will focus on Application and System for now.

[activecampaign form=85]

There are 3 types of events, Informational, Warning and Error for each category. Below are some important examples to be aware of in the Informational and Error catagories.

Most of the time the Information events are things to be aware of, but do not require action. An example of an Information event from the Application Log is Event ID 2080. This is a very important Event. It indicates that the Exchange 2010 is able to contact and communicate with a Domain Controller on the network. The Microsoft Exchange Active Directory Topology Service is responsible for checking in on Domain
Controller availability. You can see particular service if you open Administrative Tools and Services. If Exchange cannot contact a Domain Controller than services begins to fail and mail flow stops and this Error will appear in the Application Log Event ID 2104. Topology discovery failed…. That means it’s time to act, as is the case with most Errors in the Event Log. Check to make sure that the Domain Controller is powered on, if it is on, can you ping it from the Exchange Server, possibly restart the Topology Service and see if the error logs again. There are many more potential troubleshooting techniques for this such as a checking DNS resolution or has there been an IP change as well among the many.

Another useful Error in the System Log to be aware of is Event ID 7022. This error lets you know when a service failed to start and what service it is; it is most commonly seen after a reboot or an application crash. In this case it is the Exchange Transport Service. The next move is to go to Administrative Tools/Service and attempt to manually start it. If it does not immediately start backup check for other dependencies that are required to be running and possibly log in accounts/passwords that are set up in the Service Properties.

These are just a few among many Events from an Exchange 2010 Server Event Viewer. To be an effective IT Professional you must know your environment; be aware of what services are installed on your network and what systems they reside on. Look at the logs each day to know what is going on within the environment. It’s all right there at your finger tips.

You also might be interested in

Related Image

The Top 5 Costly Data Integration Project Mistakes And How to Avoid Them 

calender ImageJune 30, 2022 You have probably been through at least one data integration project. And if you are like most businesses, that project probably was not as smooth as you would have liked. In fact, it is likely […] Read full post
Related Image

How Long Does Server Migrations Take?

calender ImageApril 04, 2022 Server migration is a highly strategic undertaking that must be completed without disrupting corporate operations, SLAs, data performance, or availability. There can be several reasons for it, such as cost-cutting initiatives, regulatory requirements, service risk […] Read full post
Related Image

FAQ: GeekTek Rebranding as XOverture

calender ImageJuly 28, 2021 We’re excited to announce that as of 7/29/2021 the IT services company formerly known as GeekTek will be changing our name and branding to XOverture! Why the Name Change? Our CEO Eric Schlissel started GeekTek […] Read full post