Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 530 Source: Security

Logon Failure:
Reason: Account logon time restriction violation
User Name: <user name>
Domain: <domain name>
Logon Type: <logon type>
Logon Process: <process>
Authentication Package: <package>
Workstation Name: <workstation name>
This error may occur if the user account that is used for anonymous access is denied access to the Web Server during a specific time period. See ME909887 to solve this problem.

As per Microsoft: "The user account and password are correct, but the logon attempt failed because it occurred outside the hours that the user is allowed to log on. This restriction is configured on the user's domain account". See MSW2KDB for additional information about this event.
This happens if the user is not logged out. Just create a policy to force the user to log off when his time has expired. See ME318714 for information on how to limit user logon time in a domain in Windows 2000.
Event generated by as logon failure due to an account logon time restriction violation (The user account tried to log on outside of the allowed time.)
The event will happen on E-Mail server if users do not log off at the end of the day and have Outlook open.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.