Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 562 Source: Security

Source
Description
Handle Closed: Object Server: %1 Handle ID: %2  Process ID: %3
Comments
 
As per Microsoft: "The handle to the accessed object was successfully closed". See MSW2KDB for additional information about this event.

This problem may occur if you turn on auditing for the Object Access category and the Directory Service Access category and the default System Access Control List (ACL) is configured on the affected objects. See ME836419 for details.

This event will occur when you try to audit the success or failure access of the Enumerate Subkeys on the "HKLM\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName" registry key. See ME810088 for a hotfix applicable to Microsoft Windows 2000.

This event also occurs each time ISA Server writes to the access control policy. See ME827818 for details.

When a user closes the policy storage container after changing a policy this event is logged. See ME837454 for additional information.
As per Microsoft: "These events appear if you have not configured the security access control list (SACL) on the object that you are auditing. The events also appear if you have configured the SACL, but not for all the listed accesses. For example, these events are logged when a user or a program reads a registry subkey, and you have not selected the Read Control or the Query Value check box in the auditing entry for that registry subkey". See ME841001 for more details.
Event generated when auditing is turned on for object access: "Handle Closed". See ME120600 and ME174074 for more details.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...