The ntevl probe is generating alerts but the translation is wrong, in the event the date and hour is not shown but instead it says timestamp.

The following message:

"ntevl probe alarm message: $time_stamp;$source;$event_id;$category;$message;"

Is translated as:

"time_stamp;Microsoft-Windows-SMBServer;3000;None;SMB1 access Client Address:.xx.xyz.zxy Guidance: 

This event indicates that a client attempted to access the server using SMB1. To stop auditing SMB1 access, use the Windows PowerShell cmdlet Set-SmbServerConfiguration."

This means that the time stamp from the event log is no longer being translated.

DX UIM UIM 20.4 CU9
ntevl version 4.34

Defect

Apply the attached fix "ntevl-4.34-T4" to resolve the defect.