Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Microsoft (R) Windows (R) 5.01.2600 Service Pack 2 Uniproccessor Free
|English: This information is only available to subscribers. An example of English, please!|
|Concepts to understand:|
What is a Windows Service Pack?
As per Microsoft: "The user restarted or shut down the computer by clicking Start or pressing CTRL+ALT+DELETE, and then clicking Shut Down. The message displays the Windows product information for the computer logging the message, including the product name, version, build number, service pack number, and operating system type". See MSW2KDB for additional information about this event.
Check ME196452 to see why WinNT Reports 6005, 6006, 6008, and 6009 event log entries.
Indicates that event log has been started and the revision of Windows that is in use (after a server restart).
|Private comment: Subscribers only. See example of private comment|
|Links: ME196452, ME227438, MSW2KDB|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (2) - More links...|
Send comments or solutions
- Notify me when updated