Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1566 Source: NTDSKCC

All servers in site CN=DWB-Main,CN=Sites,CN=Configuration,DC=EXISS,DC=local that can replicate partition CN=Configuration,DC=EXISS,DC=local over transport CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=EXISS,DC=local are currently unavailable.
If a domain controller loses connectivity to the forest, Knowledge Consistency Checker (KCC) generates multiple event ID 1566 entries which can quickly cause the event log to wrap. See ME268109 for a hotfix applicable to Microsoft Windows 2000.

See "EventID 1566 from source Active Directory" for related information.
Installing hotfix ME898060 fixed this problem for me.
In my case, the problem was caused by hotfix ME893066. Uninstalling the hotfix fixed the problem for me.
In our case, every weekend a domain controller in a branch office had to be shut down (for maintenance on a temporary electricity generator). As soon as it went down the event logs on other DCs started filling up with these events. Once the DC was back online, everything went back to normal.
This event is often reported along with event id 1311. See ME214745 and the link to EventID 1311 from source NTDS KCC for troubleshooting procedures.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.