Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 17055 Source: MSSQLServer

18452: Login failed for user '<user name>'. The user is not associated with a trusted SQL Server connection.
ME555332 describes a condition when this event can be recorded because the computer is a stand-alone computer. The NetLogon service does not start on the server, hence no domain-wide logon authentications are possible.

From a newsgroup post: "Repeated messages might indicate the database is closed or opened frequently. Check the auto-close option of the database first. Clear it, if it is checked".

From a newsgroup post: "I encountered this problem when I was attempting to update SQL 2000 Server (RTM) to SP4 on a Windows 2003 Server Standard SP1. After extracting the contents of the SQL2000-KB884525-SP4-x86-ENU.EXE file to C:\SQL2KSP4 and running setup.bat, the installation hanged at "Validating User. Please Wait" but then ceased (the install window disappears) with no errors or dialogue boxes. The C:\temp\1\sqlsp.out file showed the following error: "Database 'msdb' cannot be opened. It has been marked SUSPECT by recovery".
After trying several fixes that failed, I called Microsoft Support in order to obtain hotfix ME328354. The Microsoft engineer helped me to discover that my SQL Server install CDs had a bad copy of the msdbdata.mdf file. I guess this explains why a reinstall did not fix the errors.
I simply shut down the SQL Server, copied msdbdata.mdf from a good CD, restarted the SQL Server, ran 'sp_resetstatus msdb' from Query Analyzer, and then stop/restarted the SQL Server. This resolved the msdb issue. After the msdb issue was resolved, SP4 installed nicely".

If you are using McAfee ePolicy Orchestrator 3.x, then see the link to "McAfee Support Solution ID: NAI34663" for information on this issue.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.