Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1130 Source: NTDSKCC

The automatic topology generator was unable to complete the topology for site CN="<Common Name ID>",CN=<container Common Name>,CN=Configuration,DC=company,DC=com, error code <error code>, and internal id f0802f0.
See the link to "EventID 1130 from source Active Directory" for information on this event.
From a newsgroup post: "Check to see if the permissions on any of the files in the NTDS folder, including the EDB<xxxxx>.log files, are set to Read Only; then perform the following steps:
1. When the initial restart menu is displayed, press F8 to restart the domain controller in Directory Services Restore mode, and then click Directory Services Restore Mode.
2. Verify that the Administrator and System accounts on all the files in  %SystemRoot%\Ntds folder have the following permissions: Administrators- Full Control, System Full Control.

Error code 7 - "The storage control blocks were destroyed." - no additional info
Error code 20d9 ="A database error has occurred." - no additional info
Had this in conjunction with ID 1480 (NTDS Replication) which basically said the disk containing the database was full. Freed some space on the system drive and everything seems ok.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.