Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 0 Source: EvtEng

The description for Event ID ( 0 ) in Source ( EvtEng ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
This problem can occur if you are not in the Administrator group of the machine hosting the event file, or, if the Remote Registry service is disabled on the host computer. If either of these conditions are true, the event descriptions might not be available, which leaves you with a fairly useless event log.

You can use the mmc.exe command to open a Microsoft Management Console (MMC) console and specify the /auxsource flag to tell Event Viewer to use an alternate source for the descriptions. For the best results, the alternate source should be similar to the computer that generated the event file to ensure the same components are available to provide full event descriptions.

To run the mmc.exe command, open the Run dialog box or go to the command prompt and type:

mmc /a eventvwr.msc /auxsource=<server by IP address, DNS name of NetBIOS name>

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.