Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
The buffer size returned by a collect procedure in Extensible Counter DLL "<path to dll>" for the "<service name>" service was larger than the space available. Performance data returned by counter DLL will be not be returned in Perf Data Block. Overflow size is data DWORD 0.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is a DLL?
What are the performance counters?
What is a DWORD?
As per ME242973 in Windows NT 4.0 this event may be posted erroneously.
Also check ME226494 for more details about this error.
Most of the Win32 API calls return a buffer (area of memory) with the results. This buffer must be sized to hold the data coming back. If the data returned is larger than the size of the buffer, a buffer overflow condition occurs, and stability is threatened, if not actually compromised.
Because of this, the programmer typically tells the API function how big the buffer is - the function checks before it fills the buffer with the data, and if the buffer is undersize, the function returns an error, rather than overflowing the buffer.
|Private comment: Subscribers only. See example of private comment|
|Links: ME226494, ME242973|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated