Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
The HTTP server was unable to load the ISAPI Application 'C:\InetPub\scripts\..%5c..\Admin.dll'. The data is the error
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is a DLL?
What is ISAPI?
As per Microsoft: "This error is caused by registry restrictions that prevent guest access; it occurs when OWA is using Internet Explorer 5. This error occurs if the following registry key is enabled with a value of 1:
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\RestrictGuestAccess". This registry key prevents guests or anonymous users from viewing event logs on the server". See ME242900 for more details.
The message itself simply informs that a specific Internet Server API application could not be loaded. This can happen if the file is missing or corrupted. The example below is typical effect of a Nimda virus infection. The "%5c" is a unicode wide character that is used to bypass the internal IIS verification.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated