Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1706 Source: MSExchangeTransport

EXPS is temporarily unable to provide protocol security. This is usually due to DS network problems or low system resources. "CSessionContext::OnEXPSInNegotiate" called "HrServerNegotiateAuth" which failed with error code 0x8009030c ( K:\transmt\src\smtpsink\exps\expslib\context.cpp@1209 )
This problem occurs when the following conditions are true:
1.The server that is running Exchange Server 2003 has SMTP virtual servers that have a Fully Qualified Domain Name (FQDN) that does not match the server name.
2.The FQDNs for the SMTP virtual servers do not have a Service Principal Name (SPN) registration. See ME914137 for information on fixing this problem.

See MSEX2KDB for additional information about this event.
See ME843106 for details on this event.
From a newsgroup post: "This error is only logged when the logging level is set to MAXIMUM, and it can be caused by an invalid authentication attempt (despite the misleading text)."
Win32 Error code 0x8009030c means "The logon attempt failed".
As per Microsoft "This may occur if the Exchange 2000 Server information store databases are damaged. This condition can exist if a file-level antivirus program is run on the \Exchsrvr folder and its subfolders, or on the Exchange Installable File System (ExIFS). By default, the Exchange Installable File System (ExIFS) is on drive M.", see the link below.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.