Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1010 Source: DHCP

The DHCP service encountered the following error while cleaning up the database:<error description>
I started getting this event after migrating my SBS 2003 server to new hardware. I browsed several articles, and came across people stating that you need to make sure you can write to the Windows\system32\Dhcp folder. Sure enough upon investigation, I found that I could not write to anything in this folder. I removed the read only properties and all is now clear.
This error occurs when you move the DHCP database and its backup directories from the default location. When the DHCP service is initially installed, its database is stored in the \System32\DHCP folder, and the backup folder is set to \System32\DHCP\Backup\Jet. The DHCP database tracks all attached database directories and files in the System.mdb file. If the database and backup directories are moved, the backup fails. It does so because it tries to back up the database from the old and new locations but cannot find the database file in the old location.

User Action: Copy the original Windows 2000 system.md_ file from the Windows 2000 compact disc to your hard drive. Then run the Systemroot\System32\Expand.exe program to expand System.md_ to System.mdb. Next, copy System.mdb to the new database location. If you continue to receive this message, try running Jetpack on the database. See MSW2KDB.
From a Usenet posting: "The problem is that the DHCP database is corrupt and the DHCP server can't *delete* the file when it needs to wipe its backside - *not* find it as the message says.
If I remember correctly, there are two ways to fix it. Both involve first making a written note of any reserved leases you've set up, then stopping the DHCP Server. To be safe, also note all the DHCP scope and option settings. Finally either:
1. Delete the current database file and replace it with the backup file. However, this may not be a good idea since the backup could also be corrupt. I noticed that the date/time stamps on both were the same so chickened out. Delete file: <%SystemRoot%>\System32\dhcp\dhcp.mdb. Replace with: <%SystemRoot%>\System32\dhcp\backup\jet\new\dhcp.mdb
2. Delete the current database file, and then restart the DHCP server. Once restarted, you'll need to manually recreate all of your previous reserved leases. The DHCP Server should pick up the scope and options itself - at least it did with me."
Error: "The system cannot find the file specified." This behavior can occur if you install an earlier version of the Dhcp.mdb file over a later version, or if DHCP scope settings in DHCP Manager are corrupted. See ME245036.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.