Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 5 Source: Microsoft-Windows-Kernel-General

{Registry Hive Recovered} Registry hive (file): '\\SystemRoot\\System32\\Config\\RegBack\\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.
EV100351 (Recover Corrupted User Registry Hive) offers some suggestions for the recover of corrupted user registry hives (however this event can be recorded for other areas of registry as well).

EV100119 (Fix a corrupted user profile) is Microsoft's recommendation on how to fix a corrupted user profile.

Some users suggested running SFC (System File Checker) to verify the integrity of the file system. See ME929833 for details.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.