Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 222 Source: SWS

Source
Level
Description
The description for Event ID ( 222 ) in Source ( SWS ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Error: "recvfrom" on [0.0.0.0] failed error 10054.
Comments
 
The symptom was that web browsing was down. Internet addresses could be pinged by both name and number, indicating that DNS servers were working.
This error appeared many times in the application log. It was logged by Symantec Web Security (SWS) on the proxy server. It indicates that the proxy could not connect to a requested site. Upon further investigation, I could tell that it was because the DNS service was problematic. It had not failed completely, but was not working correctly. Rebooting the server running SWS fixed the problem. DNS is now working and we no longer receive the SWS message.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...