Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 566 Source: Security

Object Open
Object Server: <server>
Object Type: <type>
Object Name: <name>
New Handle ID: <ID>
Operation ID:{<number>,<number>}
Process ID: <ID>
Primary User Name: <name>
Primary Domain: <domain>
Primary Logon ID: <ID>
Client User Name: <name>
Client Domain: <domain>
Client Logon ID: <ID>
Accesses <access type>
Privileges <privileges>
Properties: <properties>
As per ME967174, even if you enable auditing in in MS Exchange 2007, the 566 event may not record the user name as expected. Install Update Rollup 1 for Exchange Server 2007 Service Pack 2 to fix this. See the article for more details.
See ME299475 for a list of Windows 2000 security event descriptions.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.