Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
DNS Server sendto() function failed. The data is the error.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the role of a DNS server?
In our case, we had Windows Server 2003 installed. Installing Windows Server 2003 SP2 resolved this for us. I suspect reinstalling SP1 would have also done so.
See ME884891 for a hotfix applicable to Microsoft Windows 2000.
ME249868 also provides information on this problem.
As per Microsoft: "This problem occurs because DNS encounters a referral to an invalid address for a name server. The referral resource record lists the IP address of the name server as 0.0.0.0. DNS cannot send a query to an invalid address and logs the error against the sendto function."
Note: a supported fix is now available from Microsoft - see ME244132.
For Microsoft Windows NT 4.0 Server the error can occur if the Domain Name Service (DNS) cache file (Cache.dns) is corrupted. See ME317022 link below.
|Private comment: Subscribers only. See example of private comment|
|Links: ME244132, ME249868, ME317022, ME884891|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated