Monitor unlimited number of servers
Filter log events
Create email and web-based reports
Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content
Event ID: 26 Source: W32Time
English
Request a translation of the event description in plain English.
Comments
We had this issue occurring between two W2K3 DCs both on the same subnet. We fixed it as specified below:
1. Stop the time service: Net stop w32time
2. Unload the w32time service: W32tm /unregister
3. Reload the w32time service: W32tm /register
4. Set up the SNTP source server: Net time /setsntp:prefered.timesource.com
5. Start w32time service: Net start w32time
6. Test the connection and time synchronization: W32tm /resync
1. Stop the time service: Net stop w32time
2. Unload the w32time service: W32tm /unregister
3. Reload the w32time service: W32tm /register
4. Set up the SNTP source server: Net time /setsntp:prefered.timesource.com
5. Start w32time service: Net start w32time
6. Test the connection and time synchronization: W32tm /resync
Restart the W32Time Service. I have seen this when the Time provider is moved from one DC to another and the client fail to recognise the move. Run the following command from a dos prompt: w32tm /monitor. This will show you which DCs are synchronising with what Time provider. See ME816042 for additional information on the Time Provider settings.
Windows Event Log Analysis Splunk App
Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.
Cisco ASA Log Analyzer Splunk App
Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.