Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 36888 Source: Schannel

Source
Level
Description
A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.
Comments
 
See the information for Event id 36888 from Schannel "The following fatal alert was generated..." (link below) - it is virtually identically (but for older versions of Windows.
One of the conditions when this event is generated is if a remote web client is attempting an SSL connection towards a website hosted on the server but there is no SSL certificate installed for that URL. For example, the server recording the error may be hosting a website such as https://testsite.com (with testsite.com IP address being 192.168.3.1) with an SSL certificate installed for "testing.com" FQDN. If a remote user attempts a connection to https://192.168.3.1 the error may be recorded on the server.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...