Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, March 7, 2019 11:28 AM
I am trying to get the Windows Update logs on a System with Windows Server 2016 and Windows 10 build 1607 using powershell commandlet Get-WindowsUpdateLog. However, the output that I get, has random guids as below:
1600/12/31 16:00:00.0000000 956 1608 Unknown( 25): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 207): GUID=0defb9f2-be29-3d72-4390-6806b45a584c (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 12): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 13): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 14): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 15): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 16): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 20): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 10): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 126): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 146): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 57): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 10): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 125): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 145): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 185): GUID=0defb9f2-be29-3d72-4390-6806b45a584c (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 194): GUID=0defb9f2-be29-3d72-4390-6806b45a584c (No Format Information found).
1600/12/31 16:00:00.0000000 956 1608 Unknown( 241): GUID=0defb9f2-be29-3d72-4390-6806b45a584c (No Format Information found).
I connected the system to internet to update the SymCache. After connecting to the internet, few guids were resolved. However, most of the log is still unreadable.
Is there a way to resolve the entire update log without internet connection?
The size of my current SymCache folder is around 18 MB. What is the expected size of this folder?
Cross-post reference on Microsoft Answers : https://answers.microsoft.com/en-us/windows/forum/all/windows-update-logs-are-not-generated-properly-for/09479264-e1ad-4a68-b619-f752264a0926
All replies (3)
Friday, March 8, 2019 2:18 AM
Hi iVipz,
It is a pleasure to answer your question.
In the condition that you can access the Internet, please try the following steps:
- Delete everything under the %temp%\windowsupdatelog folder.
- Make sure your computer has access to the Internet, verify that you can access http://msdl.microsoft.com/download/symbols
- Run PowerShell as administrator and execute the following command:
> Get-WindowsUpdateLog
PowerShell cmdlet will automatically download the files needed for the conversion. - If the above steps still do not solve the problem, please make your computer has the latest monthly rollup installed. Or install the latest cumulative update by visiting the following: Windows 10 and Windows Server 2016 update history
If unable to access the Internet, please read the following article: Offline Symbols for Windows Update
Here are instructions on how to use offline symbols for Windows Update.
Hope the above can help you.
Regards,
Yic Lv
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact
Friday, March 15, 2019 6:09 AM
Hi,
Any update is welcome here.
If the issue is resolved, share your solution or find the helpful response "Mark as Answer" to help other community members find the answer.
Thank you for your cooperation, as always.
Regards,
Yic
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact
Thursday, April 18, 2019 6:27 PM
I had the same issue. Turns out when I run the code as "nt authority\system" I see:
1600/12/31 16:00:00.0000000 1144 192 Unknown( 51): GUID=a09e99c9-a6c4-3261-6004-3aafb80214f7 (No Format Information found).
1600/12/31 16:00:00.0000000 1144 192 Unknown( 51): GUID=a09e99c9-a6c4-3261-6004-3aafb80214f7 (No Format Information found).
1600/12/31 16:00:00.0000000 1144 192 Unknown( 51): GUID=a09e99c9-a6c4-3261-6004-3aafb80214f7 (No Format Information found).This can be duplicated by the following:psexec64.exe -i -s -c cmd.exe
in the new command window type: Get-WindowsUpdateLog -Logpath c:\temp\Windowsupdate.logWhen I run the command as the local admin I see the correct information:2019/04/18 10:31:47.3488335 1144 192 DownloadManager Regulation (Enhanced) server path: https://tsfe.trafficshaping.dsp.mp.microsoft.com/TrafficShaping/ContentRegulation.asmx.
2019/04/18 10:31:47.3499003 1144 192 WebServices Auto proxy settings for this web service call.
2019/04/18 10:31:47.6759339 1144 192 DownloadManager Refresh Interval: 69
2019/04/18 10:31:47.6759353 1144 192 DownloadManager Global CDN property: NULL
2019/04/18 10:31:47.6759433 1144 192 DownloadManager Low: 10000
2019/04/18 10:31:47.6759442 1144 192 DownloadManager Normal: 10000
2019/04/18 10:31:47.6759446 1144 192 DownloadManager High: 10000
2019/04/18 10:31:47.6759549 1144 192 DownloadManager Per-Update: 8C40921E-C258-49EE-84B8-87718DF0ECCF at rate 0
I am able to confirm the microsoft process below does work, I copied the SymCache folder from the user account folder: C:\Users\Administrator\AppData\Local\Temp\1\WindowsUpdateLog\SymCache [populated with 25mb]
into the Local System Account Folder: C:\Windows\Temp\WindowsUpdateLog\SymCache [originally empty]
The real question is why can't the system account see the same information as the local administrator?
Why can't the SymCache folder be centrally located?