Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1 Source: Sentinel

Source
Level
Description
The description for Event ID ( 1 ) in Source ( Sentinel ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event: . Data:
0010: f8 0a 00 00 00 00 00 00   ψ.......
0018: 00 00 00 00 00 00 00 00   ........
0020: 00 00 00 00 00 00 00 00   ........
0028: 4e 54 53 49 4c 49 3a 44   NTSILI:D
0030: 72 69 76 65 72 45 6e 74   riverEnt
0038: 72 79 3a 73 79 73 4e 75   ry:sysNu
0040: 6d 4f 66 44 65 76 69 63   mOfDevic
0048: 65 73 00                  es.  
Comments
 
I recieved this error after removing some of the ZoneAlarm registry entries on our NT 4.0 Server.
Strongly appears to be related to Rainbow Sentinel hardware (dongles) or software security services (CD-ROM copy protection, eg Realflight G2). See www.rainbow.com for additional information and drivers, and resolving driver crashes under Windows XP. Test by renaming c:\winnt\system32\drivers\sentinel.sys (in safe mode) to something else.
How to remove the service (if you are absolutely sure you don't need it):
Using regedit delete
HKEY_LOCAL_MACHINE/SYSTEM/CURRENTCONTROLSET/SERVICES/SENTINEL

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...