Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
The McAfee GroupShield for Microsoft Exchange could not logon to MAPI.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is MAPI?
This problem started after applying KB890175, KB891711, and KB871250 on a Windows 2000 SP4 server that is a DC running Exchange 2000 (SP3) and McAfee GroupShield for Exchange 5.2. Restarting the GroupShield service didn't fix the problem. The event log began filling up with event ID 1048 and the message "McAfee GroupShield Exchange failed to send message", when a new email that contained a virus came in. Virus scanning worked GroupShield just couldn't notify. A full reboot of the server fixed it.
|Private comment: Subscribers only. See example of private comment|
|Links: EventID 1048 from source AVExch32Service|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated