Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1030 Source: MSExchangeISPublicStore

Level
Description
<user email address> failed an operation on folder /O=ABA|SEGUROS/OU=SITEASMTY/CN=RECIPIENTS/CN=<common name> GANA84227F664B043703027A7EBC960DD96500233B on database "First Storage Group\Public Folder Store (<server name>)" because the user did not have the following access rights:

"Delete" "Read Property" "Write Property" "Create Message" "View Item" "Create Subfolder" "Write Security Descriptor" "Write Owner" "Read Security Descriptor" "Contact"

The entry ID of the folder is in the data section of this event.
Comments
 
As per Microsoft: "This is a false warning, and it is logged if a user reads postings from a public folder owned by someone else, even though the user can access the contents of the folder. This warning can be safely ignored". See ME325885 for additional information on this issue.
As per Microsoft, this issue may occur if the permissions of the following object are not correctly configured and are different from the permissions of the root public folder tree as viewed in Exchange System Manager (where ORGANIZATION is the name of the Exchange 2000 organization and administrative_group is the name of the administrative group):
CN=Public Folders, CN=Folder Hierarchies, CN=administrative_group, CN=Administrative Groups, CN=ORGANIZATION, CN=Microsoft Exchange, CN=Services, CN=Configuration, DC=ORGANIZATION, DC=com

The Everyone group is set with an explicit Deny for the Create public folder or Create top level public folder permissions. See ME313866 for resolution.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...