Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 2089 Source: NTDSReplication

This directory partition has not been backed up since at least the following number of days.

Directory partition:

"Backup latency interval" (days):

It is recommended that you take a backup as often as possible to recover from accidental loss of data. However if you haven`t taken a backup since at least the "backup latency interval" number of days this message will be logged every day until a backup is taken. You can take a backup of any replica that holds this partition.

By default the "Backup latency interval" is set to half the "Tombstone Lifetime Interval". If you want to change the default "Backup latency interval" you could do so by adding the following registry key.

"Backup latency interval" (days) registry key:
System\CurrentControlSet\Services\NTDS\Parameters\Backup Latency Threshold (days).
You only have to backup the system state with ntbackup. The message will disappear and remind you after 90 days.
If you are using Veritas Backup Exec to backup your server and you are backing up the "System State" you can ignore the message according to Veritas. See “Veritas Support Document ID: 282890”.
This event is logged when a partition is not backed up during the backup latency interval. Only one event error message is logged each day for each partition that a domain controller hosts. See ME914034 for additional information about this event.
Information about this event can be found in the following articles: "Active Directory Replication Tools and Settings", "How the Active Directory Replication Model Works", "How Active Directory Application Mode Works", "Introduction to Administering Active Directory Backup and Restore", and "How the Data Store Works".

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.