Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 6005 Source: EventLog

The Event log service was started.
As per Microsoft: "This event is written at system startup after the user initiates an expected restart or shutdown by clicking Start and then clicking Shut Down, or by pressing CTRL+ALT+DELETE and then clicking Shut Down". See MSW2KDB for additional information about this event.
Check ME196452 to see why WinNT Reports 6005, 6006, 6008, and 6009 event log entries. In addition, ME227438 also gives details about this event.
Occurs during the startup and it indicates that the logging service is functional (but if there were events before this time they were not logged).

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.