Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 51 Source: SymantecAntiVirus

Level
Description
<description>
Comments
 
Various descriptions can be recorded with this event id:

- Security Risk Found Risk: Security Risk URLRedir in File: Unavalable by Start up Scan. Action Quarantine succeded. Action Description. The file was qurantined successfully

- Security Risk Found!Tracking Cookies in File: Cookie:username@domain.com/ by: TruScan scan.  Action: Quarantine failed : Leave Alone failed.  Action Description: The file was deleted successfully.

- Security Risk Found!Trojan Horse in File: C:\WINDOWS\cdsxNTr2.dll by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully

- Security Risk Found!Tracking Cookie in File: Unavailable by: Scheduled scan.  Action: Quarantine failed : Leave Alone failed.  Action Description: The file was deleted successfully

The format of the event description is usually quite explicit:
Security Risk Found = The type of threat discovered by Symantec A/V
By: The Symantec module that identified the threat
Action: What action did Symantec A/V against the threat
Action Description: The result of the action

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...