Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
description for Event ID ( 0 ) in Source ( sshd ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: sshd : Win32 Process Id = 0x744 : Cygwin Process Id = 0x744 : fatal: Write failed: Cannot send after transport endpoint shutdown.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is a DLL?
I ran into a similar issue and found out that the SvcCOPSSH user was not part of the Administrators group in Windows. Once I added it to the Administrators group it started to work.
From a newsgroup post: "I added Full Control for the SYSTEM account to:
I can now successfully start up sshd as a service".
From a newsgroup post: "I had to manually copy keys in the registry from HKCU\Software\Cygnus Solutions\Cygwin\mounts v2 to HKEY_LOCAL_MACHINE in the same location. SSHD has worked great ever since".
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated