Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 327 Source: SymantecMailSecurityforMicrosoftExchange

The process SAVFMSESp.exe was forcibly terminated. Reason: SAVFMSECtrl process failed to communicate with SAVFMSESp process.
From a newsgroup post: "I called Symantec and they said that the error that I was seeing was normal accept that it shouldn't happen repeatedly and bring the server to its knees. The program is designed to stop and restart the service if it hangs on a file that is unscannable. This seems to be the problem, except that it was caught in a loop of restarts. They thought that perhaps corrupted program files or virus definitions were causing the problem. Either way, they suggested uninstalling Symantec Mail Security for Exchange and Symantec Antivirus Enterprise, removing the Symantec shared folder from C:\Program Files\Common Files, and then doing a clean install of both programs. They also told me to disable the live update on the Mail Security because the Symantec Antivirus Enterprise gets the live updates and then shares them through the C:\Program Files\Common files\Symantec shared folder.
This seemed to do the trick. It only took an hour or so to do a clean install, although that was an hour or so that we had the e-mail server off line".

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.