Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode

Level
Description
The device <device> (location <location>) is offline due to a user-mode driver crash. Windows will attempt to restart the device 5 more times. Please contact the device manufacturer for more information about this problem.
Comments
 
Device GT-I9300 - This event was recorded when the Samsung Kies 3 software attempted to update itself. Restarting the software seemed to have fixed the problem so most probably it was caused by a bug in the update process. Event id 10110 was also recorded.
Most support forums indicate that the first step is troubleshooting this event is to update the drivers for the device specified in the event. If the problem persists, one can try install the latest Windows updates, verify if there are any issues with the disks (chkdsk), check for viruses, etc.

In one instance, the user had to downgrade a software driver (remove the latest version and install an older one) in order to get rid of this problem.
Device Zune - ME935420 provides a list of suggestions when this event is recorded and a Zune device is connected to your system.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...