Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1234 Source: ClusSvc

Source
Level
Description
The Cluster service account does not have the following required user rights:

<rights>

These user rights were granted to the Cluster service account during cluster setup and must not be removed.

User Action

Assign these rights to the Cluster service account. One way to do this is to use Local Security Settings (Secpol.msc). Another way is to edit the Group Policy object that is associated with the Cluster service account's user object in Active Directory.

If you have already assigned these rights to the Cluster service account and the user rights appear to be removed a Group Policy object might be removing the rights. Check with your domain administrator to find out if this is happening.
Comments
 
Grant the privilege that is stated in the eventís description using Local Security Settings (Secpol.msc). It is required by the Cluster service. The cluster service requires the following privileges as below:
Act as part of the OS.
Adjust memory quotas for process.
Backup files & directories.
Increase scheduling priority.
Log on as service.
Restore files and directories.
Replace a process-level token.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...