Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: Microsoft Web Proxy|
Disk cache D:\urlcache\Dir1 failed to initialize. Some errors were encountered when ISA Server restored specific data cache files. ISA Server will now attempt to recover these files. These errors may have occurred because there was not enough time to complete all necessary shutdown operations, when ISA Server was previously shut down. To avoid this in future, you can increase the value of the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WaitToKillServiceTimeout registry key. Identify the reason for cache failure by examining previous recorded events, or the error code. The error code in the Data area of the event properties indicates the cause of the failure (internal code: 504.1318.104.22.1680.50).
|English: Request a translation of the event description in plain English.|
|Our approach: This information is only available to subscribers. An example of Our approach|
See ME887311 to resolve this problem.
Data: 00000005. This behavior may occur if the partition on which the cache is located does not have the appropriate user rights for the Everyone user. The Everyone user must have full access rights to build the Urlcache folder during Setup, or if you change the partition and the cache must be moved.
To resolve this behavior:
Start Windows Explorer, and the search for the Urlcache folder.
If the Dir1.cdat file is missing, change the rights for the Everyone user on the Urlcache folder to Full Control.
Restart all of the ISA Server services.
A file that is named Dir1.cdat is created. If the cache is located on only this partition, the file is the size of the cache that is defined in the ISA Server console. If other drives are defined in the cache configuration, there is an Urlcache folder on each drive that is defined. A Dir1.cdat file is created in each Urlcache folder.
From a newsgroup post: "These problems can be caused by poor filters. You could try running ISA with them disabled see if it helps. Also, you might be able to get rid of 14176 by increasing the
registry key it talks about from 20000 to 60000, then by 10000 until it disappears."
Data: 57 00 00 00 - no info.
Data: 5c 06 00 00 - From a newsgroup post: Try deleting the Web Proxy cache and recreating it. This problem could be related to a corrupt cache."
|Private comment: Subscribers only. See example of private comment|
|Links: ME319877, ME887311|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated