Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 510 Source: ESE

Information Store (<PID>) First Storage Group: A request to write to the file "<file>" at offset <offset> (<offset>) for <size> (<size>) bytes succeeded but took an abnormally long time (<number> seconds) to be serviced by the OS. In addition <number> other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted <number> seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
I was receiving this error on Windows 2003 SBS R2 when a scheduled defrag was running in the background. I killed the defrag processes and the errors stopped.
I got this warning because Diskeeper was running a disk defragment process at the same time as the mailboxes were being backed up by Veritas Backup Exec v10.x. I modified the Diskeeper schedule so it would not defrag during backups and the warning disappeared.
As per Microsoft: "This problem may be caused by faulty hardware. This problem may also be caused if the server or disk subsystem is not correctly configured". See MSEX2KDB for additional information about this event.
A defrag in progress can lock the priv1.edb database and cause the same errors as a hardware problem. Make sure that no defragmentation of the HDD is in progress.
From a newsgroup post: "Event ID 510 is a performance warning which indicates slow writing behavior. This issue could be related with the server's performance. Try the following action plan to isolate the problem:
1. Check to see if there are any tasks such as backups scheduled at the time this event is logged. If there are some tasks running at that time, the system may be very busy and the event could be expected.
2. Use the Isinteg utility to check for logical errors in the database. Run the following command on your Exchange server: "isinteg -s <servername> -fix -test alltests" (without the quotation marks). For detailed information on Isinteg, you can refer to ME182081".

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.