Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1309 Source: ASP.NET2.0.50727.0

Event code: <event code>
Event message: <message>
Event time: <date> <time>
Event time (UTC): <date> <time>
Event ID: <id>
Event sequence: <number>
Event occurrence: <number>
Event detail code: <number>.
Event message: The request has been aborted: In my case the "Windows Internal Database" service has stopped working, so WSUS stopped working too. Changing the Logon user of the service to Local Account and restarting the "Windows Internal Database" fixed this problem for me.
When this event comes up related to a Windows SharePoint Services Site recycling the IIS Application Pool will help to get the Site back to work.
This can also occur if using Trend Micro Worry Free Business Security anti-virus product on a Citrix Web Interface server. To avoid this problem the Trend Micro Client/Server Security Agent Proxy Service needs to be disabled. Trend Micro is aware of this issue and is working on a fix.
According to ME976555, this may be recorded when you log on to or log off from a Microsoft Commerce Server 2007 Service Pack 2 (SP2) site. This problem occurs because Commerce Server 2007 SP2 does not handle exceptions that occur when a duplicate value is found for a UNIQUE key in the profile cache. See the article for details about a hotfix available for this.
See ME941386 for a hotfix applicable to Microsoft .NET Framework 2.0 and Windows Vista.

From a newsgroup post: "In ASP.NET 2.0, in addition to ViewState, the webresource.axd generated URL string has identities that were encrypted using the machinekey setting. And these encrypted values are not valid forever, it will expire and become invalid after long time. Therefore, if a page postback after a long time, it is possible that the embeded viewstate info or the certain webresource.axd URL become invalid which will also raise the error.  This is mostly found in some internet based web applications since there are some users who will use some old URLs (expired), such as the one in Google cache to visit the certain application and will cause application raise such validation error.  If your application is in internet environment, you can add some code in the Application_Error event and check whether the CryptographicException is from some particular client agents. In addition, you can check in the Application_Error event to see whether the exception is always occurring against some specific pages". See the link to ".net newsgroups Topic 34075" for the original post.
We are running Citrix presentation server and this warning came up in the event viewer several times. I ran across this fix on a Citrix forum that fixed the issue:

1. I made a backup of my C:\Inetpub\wwwroot\Citrix\ folder (to save all of my configurations and branding images, files, etc...).
2. I uninstalled WI, and left the management consoles.
3. I unregistered the .Net framework from IIS (C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -ua).
4. Ran the Microsoft Installer Cleanup Utility and deleted entries for WI only not the management consoles (see ME290301).
5. I rebooted the server.
6. I reinstalled WI.
7. I re-registered with IIS (C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -i).
8. I also ran a repair on the .Net framework from Add/Remove Programs for good measure.
9. I copied my backup folder from step 1 to the newly created folder.

See the link to “Citrix Knowledge Center Forum - ThreadID 94187” for the original thread.
I also had this event in the Application event log (Webesource.axd with a cryptography exception). After doing some digging on the net, I came across the following article, which gave me "some kind" of information: “Webresource.axd error“.
Long story short, it’s the machineKey element in the web.config that caused my problem. By setting this value, you define a validation key that will match the cookie and no more CryptographicException.
If you receive "Server Error in '/OMA' Application", it is because ASP.NET was installed prior to promoting the server to a DC. This affects Windows 2000 and 2003 Server. See ME818486 for information on solving this problem.
This problem can appear if the “Network Service” account does not have write access to the temporary directory. See " - CAN NOT DEBUG" and "The current identity (NT AUTHORITY\NETWORK SERVICE) does not have write access" for details on this issue.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.