Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: Microsoft Windows Security|
|Type: Failure Audit|
Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.
File Name: \Device\HarddiskVolume2\Windows\System32\l3codeca.acm
|English: Request a translation of the event description in plain English.|
See EV100524 (Security ID 6281 l3codeca.asm) for a discussion about this event. The l3codeca.acm file is related to Remote desktop audio redirection and is not signed.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
|Custom search for *****: Google - Bing - Microsoft - Yahoo|
Send comments or solutions
- Notify me when updated