Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1539 Source: NTDS

Source
Level
Description
Unable to disable disk write cache on c:. Data might be lost during system failures.
Comments
 
According to TD941847, although you can use disk write caching to increase application performance, disk write caching is not recommended for use on a domain controller because it can increase the chance of data corruption and loss.
This is not an error. The system is trying to disable write cache for NTDS (AD database) operations to keep is safer. However, it is not succeeding. Therefore, there is nothing wrong with your drive or the data on it. You just need to find out how to disable write caching (to be on the safe side).
If the hard disk becomes unavailable or otherwise an error or fault stops the system from flushing the cache, this event will occur. Since Windows keeps data in cache before writing it to the physical hard disk (for performance), this data will be lost. If the data is a part of an executable file, then the loss is not relevant. However, if the data is a file like a Word or Excel document, loss of important data may occur. Run a scandisk on the drive mentioned in the event.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...