Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 9673 Source: MSExchangeIS

An exception with code <error code> was thrown in module C:\Program Files\Exchsrvr\bin\ESE.dll; some parameters and their values were <Exception address - <address>>. A significant section of the call stack is in the data section.
Error code code: 0xc00000fd - ID 9673 is shown in the Application event log and the Information Store hangs intermitantly on Exchange 2007 SP1 meaning users cannot access their mailboxes. Install Update Rollup 7 for Exchange service pack 1 to resolve this issue. Please be aware that Rollup 7 removes any custom scripts in OWA and you may need to remove and re-install the OWA virtual directory after installation.

Please see ME959135. Update Rollup 7 can be downloaded from ME960384.
- Error code: 0xc00000fd - This issue occurs if some unusual e-mail messages exist on the Exchange server and they are opened by Microsoft Office Outlook clients. See ME926676 for a hotfix applicable to Microsoft Exchange Server 2003.
- Error code: 0xc00000fd - If you see this in your event log you have a rootkit installed on your Exchange Server. The rootkit is causing the IS to dump every time someone tries to attach a file in OWA (and they subsequently get HTTP 1.1 503 errors). The first step after restarting the IS, is to disable attachments in OWA. Add (or edit) the HKLM\SYSTEM\CurrentControlSet\Services\MSExchangeWEB\OWA\DisableAttachments registry key (DWORD) setting the value to 1. This will keep the IS from crashing while you are working on finding and removing the rootkit. We had to reboot the server after removing the rootkit before we could re-enable OWA attachments without crashing the IS.
- Error code: 0xc00000fd - See ME891504 for a hotfix applicable to Microsoft Exchange Server 2003.

See MSEX2K3DB for additional information on this event.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.