Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: Microsoft Firewall|
The number of TCP connections per minute from the source IP address <ip address> exceeded the configured limit. ISA Server will not allow the creation of new TCP connections from this source IP address during a system-defined time period. By default this time period is 1 min. This event indicates that this IP address probably belongs to a host that is infected by a worm and attempts to propagate the worm to other vulnerable hosts. See the product documentation for more information about ISA Server flood resiliency.
|English: Request a translation of the event description in plain English.|
No information available. If you have additional details about this event, please, send them to us!
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated