4

AWS documentation says "For Windows instances, the instance console output displays the last three system event log errors."

So thats obviously wrong. When I run "get system log" on one of my EC2 instances from the web console i see

2017/05/23 21:43:15Z: EC2ConfigMonitorState: 0 2017/05/23 21:43:15Z: Windows sysprep configuration complete. 2017/05/23 21:43:16Z: AMI Origin Version: 2016.12.14 2017/05/23 21:43:16Z: AMI Origin Name: Windows_Server-2012-R2_RTM-English-64Bit-Base 2017/05/23 21:43:16Z: OS: Microsoft Windows NT 6.3.9600 2017/05/23 21:43:16Z: OsVersion: 6.3 2017/05/23 21:43:16Z: OsProductName: Windows Server 2012 R2 Standard 2017/05/23 21:43:16Z: Language: en-US 2017/05/23 21:43:16Z: TimeZone: Coordinated Universal Time 2017/05/23 21:43:16Z: Offset: UTC 00:00:00 2017/05/23 21:43:16Z: EC2 Agent: Ec2Config service v4.1.1396 2017/05/23 21:43:16Z: Driver: AWS PV Network Device v7.4.3.0 2017/05/23 21:43:16Z: Driver: AWS PV Storage Host Adapter v7.4.3.0 2017/05/23 21:43:17Z: Message: Waiting for meta-data accessibility... 2017/05/23 21:43:17Z: Message: Meta-data is now available. .... 2017/05/23 21:43:26Z: KMS: Server:169.254.169.251; Attempt:1 2017/05/23 21:43:26Z: Message: Product activation was successful 2017/05/23 21:43:26Z: Message: Windows is Ready to useii 

Thats not a windows event log and its not just the "last 3 errors". Where is the output Im looking at located on the instance and why does the documentation say it should be error system event logs when it is not?

3
  • This sounds like a question for AWS. Commented Jun 18, 2017 at 19:37
  • 3
    I can't ask AWS questions on SF? If I thought was a weird obscure question about the platform that required internal knowledge I would probably have asked it on their forum or through support- but it isn't is it? I think this info would be useful to anyone that uses EC2. Commented Jun 18, 2017 at 20:11
  • 1
    When you have a question about a product the first port of call should generally be the vendor. Given how many millions of people use AWS this is more likely to be unclear documentation than an actual problem. Of course you can ask on SF, and someone may well answer your question. Commented Jun 18, 2017 at 20:32

3 Answers 3

1

I ran into the same issue and got the same result. So if you look at

C:\ProgramData\Amazon\EC2-Windows\Launch\Module\Scripts\Get-ConsolePort.ps1 that is where you see that error on line 174.

Write-Log "ACPI SPCR table not found. Bailing Out" 

Now if you look at the above if statement causing that you will see this line of code

$SPCRReaderExeDir = "$env:ProgramData\Amazon\EC2-Windows\Launch\Scripts" if (Test-Path -Path $SPCRReaderExeDir) { $SPCRReaderExePath = Join-Path $SPCRReaderExeDir "AWSAcpiSpcrReader.exe" $SPCROutput = cmd /c $SPCRReaderExePath # Parse the SPCR output and extract key fields such as Vendor ID, Device ID, BDF. $Dictionary = @{ } if ($SPCROutput -match 'SPCR table signature') { 

I am 90% sure AWSAcpiSpcrReader.exe is used with the huge

# SIG # Begin signature block 

at the end of each file and is used to validate that it is an allowed thing.

I am trying to copy the block into my user data but I think it will probably be too large so. It may be that if I import from S3 I can put the sig block there but I'm not sure. I am not a powershell person so we'll see.

HAHAHAHAHHA IT WORKED!! 2020/06/11 02:17:14Z: Message: Windows is Ready to use

2020/06/11 02:17:24Z: Message: OMGOMGOMG

Now, it is possible that block is generated every time the instance is built so we may have to somehow grab that block and import it to the userdata script. Or maybe when a new release is made. Unknown. Point is, the sig may change.

2
  • Can you add more details about what how you made this work? Below that "bailing out" line it returns $DefaultTargetPortName (COM1) which in my case is correct. So I think this error message is a red herring. I actually got it to work sometimes, but I'm not sure how. I think there is a delay of several minutes before you can see the result with GetConsoleOutput. Commented Jul 15, 2020 at 1:33
  • There is a delay. That is normal. There is also a point at which is stop adding to that log. Their is a file that has those settings and it is set to Critical and 3. which means last 3 critical messages. That may be another way to grab info and send it to the console log. Not sure on that. It would certainly be more elegant. I'll try to remember to check next time I'm in that area. Commented Jul 16, 2020 at 21:48
0

Excellent question. I have been struggling for months with seeing anything useful in that log for new Windows instances so I had to dig in. I'd like to post status messages there from provisioning scripts.

This is output from a serial console. I think Amazon set it up to be sort of like a Linux console, or maybe it's some ancient part of Windows. EC2Launch writes to it via a COM port.

You can see some examples by reading the code in _C:\ProgramData\Amazon\EC2-Windows\Launch\Module_ on a newer Windows instance.

An example that does effectively write during boot for some of the instances I have handy C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\SendWindowsIsReady.ps1

There's another script that's supposed to copy errors from the System event log to it, C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\SendEventLogs.ps1 ... I think that must be what the "last three system event log errors" documentation is referring to. But I've never been able to get that to show anything I wanted to show like progress of my userdata script.

I'm having a lot of trouble writing anything to the console. Maybe it's only accessible during boot or something. I'm trying things like,

Import-Module C:\ProgramData\Amazon\EC2-Windows\Launch\Module\Ec2Launch.psd1 Initialize-Log -Filename "testlog.log" -AllowLogToConsole Open-SerialPort Write-Log -Message 'hi from powershell' -LogToConsole 

but I get this error from Open-SerialPort:

ACPI SPCR table not found. Bailing Out

-1

From the EC2 panel select your EC2

Navigate in Action options => select Instance settings => get system logs.

There you can find logs of your system.

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.