Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 570 Source: Security

Application operation attempt:
Application Name: Microsoft Operations Manager
Application Instance ID: (0x00x43DD2)
Object Name: GetUserRolesForOperationAndUser
Scope Names: 2537b367-6d74-4110-b0b5-1f51c1b1b09e
Client Name: <user name>
Client Domain: <domain>
Client Context ID: (0x00x2715D)
Role: <role>
Groups: <group>
Operation Name: UserRole__Get (150)
This is actually expected behavior. The event observed with auditing enabled can be safely ignored as it has no impact on the functionality of SCOM 2007. See the link to Failure Audit events 570 in Security event log of RMS server.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.