Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 10096 Source: MicrosoftForefrontClientSecurity

Failed to create process '9'.
As per TB643195, when Client Security is installed in a topology that separates the collection server from the Client Security console, running an On Demand scan causes two failed events to occur on the collection server. The first is event 10096, with the following error: "Create Process failed result = '9'". The second is event 10069, with the following error: "Error reading string from registry '2'".
The Client Security agent is not automatically installed on the collection server. However, because the collection server runs MOM, it is considered to be a managed computer and is subject to any actions targeted to "all managed computers." The antimalware portion of the scan generates one set of these errors, and the security state assessment (SSA) scan generates a second set of these errors.

These errors can be ignored.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.