Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 12018 Source: MSExchangeTransport

The STARTTLS certificate will expire soon: subject:<subject>, hours remaining: <value>. Run the New-ExchangeCertificate cmdlet to create a new certificate.
As the message indicates, the certificate will expire soon and you have to do something about that. The system will keep bugging about this until you fix it. You can remove the expired certificate a command called remove-exchangecertificate.
I started seeing this event close to 1 year after installing our Exchange 2007 server. The default self-signed cert has to be renewed. A 12017 warning that contains the number of hours you have left to do this precedes this event. I ran the following Exchange PowerShell commands to resolve this issue:
1. get-exchangecertificate | fl
2. new-exchangecertificate -confirm -DomainName servername -Keysize 2048 -Services SMTP
3. enable-exchangecertificate -Thumbprint LONGHEXNUMBER -Services:None

The first command gives you the list of your certificates. Find the matching thumbprint (long hex number) to see the one that is expiring. Use the parameters shown in that certificate to fill in the fields for your second command. Then, once successful use the third command to disable the expiring certificate from all services.
More info on the parameters can be found at “Creating a Certificate or Certificate Request for TLS “.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.