Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Information Store (<PID>) First Storage Group: A request to write to the file "<file>" at offset <offset> (<offset>) for <size> (<size>) bytes succeeded but took an abnormally long time (<number> seconds) to be serviced by the OS. In addition <number> other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted <number> seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
|English: Request a translation of the event description in plain English.|
I was receiving this error on Windows 2003 SBS R2 when a scheduled defrag was running in the background. I killed the defrag processes and the errors stopped.
I got this warning because Diskeeper was running a disk defragment process at the same time as the mailboxes were being backed up by Veritas Backup Exec v10.x. I modified the Diskeeper schedule so it would not defrag during backups and the warning disappeared.
As per Microsoft: "This problem may be caused by faulty hardware. This problem may also be caused if the server or disk subsystem is not correctly configured". See MSEX2KDB for additional information about this event.
A defrag in progress can lock the priv1.edb database and cause the same errors as a hardware problem. Make sure that no defragmentation of the HDD is in progress.
From a newsgroup post: "Event ID 510 is a performance warning which indicates slow writing behavior. This issue could be related with the server's performance. Try the following action plan to isolate the problem:
1. Check to see if there are any tasks such as backups scheduled at the time this event is logged. If there are some tasks running at that time, the system may be very busy and the event could be expected.
2. Use the Isinteg utility to check for logical errors in the database. Run the following command on your Exchange server: "isinteg -s <servername> -fix -test alltests" (without the quotation marks). For detailed information on Isinteg, you can refer to ME182081".
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated