Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
The EventSystem sub system is suppressing duplicate event log entries for a duration of 86400 seconds. The suppression timeout can be controlled by a REG_DWORD value named SuppressDuplicateDuration under the following registry key: HKLM\Software\Microsoft\EventSystem\EventLog.
|English: This information is only available to subscribers. An example of English, please!|
|Concepts to understand:|
What is a DWORD?
This message in itself is not directly related to a problem but it simply states that an application is attempting to record several identical events. In order to prevent a possible performance degradation because of this, the system is supressing the logging of these events for the time interval specified (usually 86400 seconds or 24 hours). The other events recorded before this one should provide some clues about the actual problem.
* * *
From a newsgroup post it results that one user got rid of this problem after updating the firmware for the network adapter installed in the computer.
This is only an informational message, saying that duplicate log entries will not be showed for the specified time.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
|Custom search for *****: Google - Bing - Microsoft - Yahoo|
Send comments or solutions
- Notify me when updated