Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 2120 Source: MSExchangeADAccess

Process <process> (PID=<PID>). Error ERROR_TIMEOUT (<error code>) occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain <domain>
The query was for the SRV record for <record>. The DNS servers used by this computer for name resolution are not responding. This computer is configured to use DNS servers with the following IP addresses:
<IP addresses>.
Verify that this computer is connected to the network, that these are the correct DNS server IP addresses, and that at least one of the DNS servers is running.
As per Microsoft: "This Warning event indicates that DNS servers for the specified domain are not responding. The domain controllers from the specified domain will not be used by DSAccess. As long as there is sufficient capacity in usable domain controllers in other domains, it will not cause mail flow interruption. But we recommend that you investigate the issue and fix it". See MSEX2K3DB for details on fixing this problem.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.