The following article describes how to fix the log source error ELC00814 with message "Unable to enumerate log channels on host: (#). The interface is unknown." This error can appear if the Windows Event Log service has stopped or has been set to start manually and the machine has been restarted.
You would see an error in the Alert Logic console under Configuration > Deployments > All Deployments > Log Sources. The error description can be viewed by clicking the Error icon and then clicking the Status History tab in the right sidebar that displays.
Note: This information applies only to customers with Alert Logic® Cloud Defender™ or Alert Logic Log Manager™ entitlements.
- On your PC, check that the Event Log service is running:
a. Go to Control Panel.
b. Click Administrative Tools.
c. Click Services.
d. Scroll down and click Windows Event Log.
e. Type "services.msc" in the Start parameters text field and press Enter.
f. Locate the Windows Event Log, observe the current status, and double click it to make changes.
- Check the service for errors.
- Restart the EventLog service by clicking Start.
Note: If any errors occur upon starting the service, contact a local Windows Administrator to troubleshoot.
The log source should come out of the error state in 10 to 15 minutes.