Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1001 Source: SclgNtfy

Source
Level
Description
Default local machine policy cannot be created. Error <error code> to open LocalMachinePolicy.
Comments
 
I had the same problem after sysprep of a hardened a W2KSP4 machine. Got it resolved by re-applying the setup security policy and then again our own local policy. To do so just open mmc and add the "Security Configuration and Analysis" snap-in. Open a new database and use Microsoft's "setup Security.inf" template. Apply it on the system. Before re-applying your own security template reboot the machine. After the reboot re-apply your policies. If you changed services, NTFS & registry permissions outside your policy please check this also.
Error code: 80070005 - Error on Win2k SP3 TermServ after sysprep and image. The fix was to rename the \system32\GroupPolicy folder to GroupPolicy.old, then create a new blank \system32\GroupPolicy folder. Run gpedit.msc. This will re-create the LGPO. You will have to recreate any local policy settings that you want enabled.
Error code: 80004005. In my case the error occured because administrators were locked out to get local policies by denying access to c:\winnt\system32\GroupPolicy.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...