locked
Windows Update Logs are not generated properly for Windows Server 2016 build 1607 RRS feed

  • Question

  • I am trying to get the Windows Update logs on a System with Windows Server 2016 and Windows 10 build 1607 using powershell commandlet Get-WindowsUpdateLog. However, the output that I get, has random guids as below:

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 25): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 207): GUID=0defb9f2-be29-3d72-4390-6806b45a584c (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 12): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 13): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 14): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 15): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 16): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 20): GUID=6ec578f9-9c46-351d-5238-568542450649 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 10): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 126): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 146): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 57): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 10): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 125): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 145): GUID=2fc03aa6-a1fa-3d0c-ba09-b8539ec28a26 (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 185): GUID=0defb9f2-be29-3d72-4390-6806b45a584c (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 194): GUID=0defb9f2-be29-3d72-4390-6806b45a584c (No Format Information found).

    1600/12/31 16:00:00.0000000 956   1608                  Unknown( 241): GUID=0defb9f2-be29-3d72-4390-6806b45a584c (No Format Information found).

    I connected the system to internet to update the SymCache. After connecting to the internet, few guids were resolved. However, most of the log is still unreadable.

    Is there a way to resolve the entire update log without internet connection?

    The size of my current SymCache folder is around 18 MB. What is the expected size of this folder?

    Cross-post reference on Microsoft Answers : https://answers.microsoft.com/en-us/windows/forum/all/windows-update-logs-are-not-generated-properly-for/09479264-e1ad-4a68-b619-f752264a0926

    Thursday, March 7, 2019 11:28 AM

All replies

  • Hi iVipz,
      

    It is a pleasure to answer your question.
    In the condition that you can access the Internet, please try the following steps:
      

    1. Delete everything under the %temp%\windowsupdatelog folder.
    2. Make sure your computer has access to the Internet, verify that you can access http://msdl.microsoft.com/download/symbols
    3. Run PowerShell as administrator and execute the following command:
      > Get-WindowsUpdateLog
      PowerShell cmdlet will automatically download the files needed for the conversion.
    4. If the above steps still do not solve the problem, please make your computer has the latest monthly rollup installed. Or install the latest cumulative update by visiting the following: Windows 10 and Windows Server 2016 update history
        

    If unable to access the Internet, please read the following article: Offline Symbols for Windows Update
    Here are instructions on how to use offline symbols for Windows Update.
      

    Hope the above can help you.
      

    Regards,
    Yic Lv

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, March 8, 2019 2:18 AM
  • Hi,
     

    Any update is welcome here.
    If the issue is resolved, share your solution or find the helpful response "Mark as Answer" to help other community members find the answer.
     

    Thank you for your cooperation, as always.
     

    Regards,
    Yic

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, March 15, 2019 6:09 AM
  • I had the same issue. Turns out when I run the code as "nt authority\system" I see:

    1600/12/31 16:00:00.0000000 1144 192 Unknown( 51): GUID=a09e99c9-a6c4-3261-6004-3aafb80214f7 (No Format Information found). 1600/12/31 16:00:00.0000000 1144 192 Unknown( 51): GUID=a09e99c9-a6c4-3261-6004-3aafb80214f7 (No Format Information found). 1600/12/31 16:00:00.0000000 1144 192 Unknown( 51): GUID=a09e99c9-a6c4-3261-6004-3aafb80214f7 (No Format Information found).

    This can be duplicated by the following:

    psexec64.exe -i -s -c cmd.exe
    in the new command window type: Get-WindowsUpdateLog -Logpath c:\temp\Windowsupdate.log

    When I run the command as the local admin I see the correct information:

    2019/04/18 10:31:47.3488335 1144  192   DownloadManager Regulation (Enhanced) server path: https://tsfe.trafficshaping.dsp.mp.microsoft.com/TrafficShaping/ContentRegulation.asmx.
    2019/04/18 10:31:47.3499003 1144  192   WebServices     Auto proxy settings for this web service call.
    2019/04/18 10:31:47.6759339 1144  192   DownloadManager   Refresh Interval: 69
    2019/04/18 10:31:47.6759353 1144  192   DownloadManager   Global CDN property: NULL
    2019/04/18 10:31:47.6759433 1144  192   DownloadManager   Low: 10000
    2019/04/18 10:31:47.6759442 1144  192   DownloadManager   Normal: 10000
    2019/04/18 10:31:47.6759446 1144  192   DownloadManager   High: 10000
    2019/04/18 10:31:47.6759549 1144  192   DownloadManager   Per-Update: 8C40921E-C258-49EE-84B8-87718DF0ECCF at rate 0

    I am able to confirm the microsoft process below does work, I copied the SymCache folder from the user account folder: C:\Users\Administrator\AppData\Local\Temp\1\WindowsUpdateLog\SymCache [populated with 25mb]

    into the Local System Account Folder: C:\Windows\Temp\WindowsUpdateLog\SymCache [originally empty]

    The real question is why can't the system account see the same information as the local administrator?
    Why can't the SymCache folder be centrally located?

    • Edited by TheGreatDL Thursday, April 18, 2019 7:19 PM Corrected response
    Thursday, April 18, 2019 6:27 PM