ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Following errors are shown on the Symantec Critical System Protction (SCSP) console : "ELC_0002: Could not read event from NT event log: Security." & "ELC_0018: Event log 'Security' is corrupted - skipping xx events to recover."
Article ID: 161789
Critical System Protection
Following errors are shown on the SCSP console : "ELC_0002: Could not read event from NT event log: Security." & "ELC_0018: Event log 'Security' is corrupted - skipping xx events to recover."
There is a corrupted entry in the NT Event log on Windows, preventing SCSP from parsing the logs. You can clear events in an event log by using Event Viewer or by using the wevtutil command on a command line.
To clear an event log by using Event Viewer
Start Event Viewer.
In the console tree, navigate to the event log you want to clear.
On the Action menu, click Clear Log .
You can either clear the event log or save a copy of the event log and then clear it.
To clear the event log without saving: Click Clear .
To clear the event log after saving: Click Save and Clear , type a name for the saved file in File name on the Save As dialog box and click Save .
To clear an event log by using a command line
To open a command prompt, click Start , type cmd in the Start Search box, and then press Enter .