Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 4127 Source: Ci

Content index on c:\system volume information\catalog.wci could not be initialized. Error <error code>
The solution in my case, was:

1. Stop the Index Service
2. Delete the offender catalog directory
3. Restart the Index Service
- Error code: 3221225539 = C0000043 - Can't open drive. Cannot open volume for direct access. See ME823439 for details on this error code.
From a newsgroup post: "This looks as if the “Content indexer” has its index files corrupted. It is a facility you may not want anyway. It builds indexes of the documents on the disk based on their content, to speed up complicated searches on the basis of looking for text contained in files. This is fine for a big office with very many related documents but is rarely appropriate for a stand-alone or family machine, and can generate a lot of background disk activity. You could turn it off: In My Computer, right click on the Hard disk icon (on each if you have more than one) and choose Properties. Uncheck the box 'Allow indexing service to index this disk'".

See MSW2KDB for additional information on this event.
A somehow generic message from the Index services, it may be caused by variuos conditions. The error code should provide a better understanding on why de catalog file cannot be initialized. One can try to just delete the file catalog.wci, make sure SYSTEM has write access to the directory and restart the service.

Error code: 3221225477 -  0xc0000005 = STATUS_ACCESS_VIOLATION  - From newsgroups postings, this is an memory access violation error
Error code: 2147942405 - 0x80070005 = ERROR_ACCESS_DENIED - verify permissions on the directory
Error code: 2147942487 - 0x80070057 = MAPI_E_INVALID_PARAMETER - no info
Error code: 3221225485 - 0xC000000D = STATUS_INVALID_PARAMETER - no info

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.