Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1006

Source
DNS Client Events
Level
Warning
Description
The client was unable to validate the following as active DNS server(s) that can service this client. The server(s) may be temporarily unavailable or may be incorrectly configured.<DNS Server IP>.
Source
BINLSVC
Level
Warning
Description
The BINL service cannot read parameters from the directory service and/or the registry. The following error occurred: <error>. The server will continue to try to read the parameters.
Source
ClusSvc
Level
Error
Description
Microsoft Cluster Server was halted because of a cluster membership or communications error. The error code was 4.
Source
DCOM
Level
Error
Description
DCOM got error "<error description>" from the computer <computer name> when attempting to activate the server: {<GUID>}
Source
Dhcp
Level
Warning
Description
Your computer was unable to automatically configure the IP parameters for the Network Card with the network address <MAC address>. The following error occurred during configuration: WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable. .
Data:
0000: 6b 27 00 00
Source
McLogEvent
Level
Error
Description
Task Manager : Service Error : MID Configuration Applicator: <error message>.
Source
MetaframeEvents
Level
Error
Description
The requested session is not configured to allow remote control (7051).
Source
Microsoft-Windows-CEIP
Level
Error
Description
A problem prevented Customer Experience Improvement Program data from being consolidated into files that can be sent to Microsoft, (Error 8000000A).
Source
Microsoft-Windows-GroupPolicy
Level
Error
Description
The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed).
Source
MSExchange Mailbox Replication
Level
Warning
Description
The Mailbox Replication service was unable to process mailbox move requests in a mailbox database.
Database: [<mailbox database name>]
Error: MapiExceptionUnknownUser: Unable to open message store. (hr=0x80004005 ec=1003)
Diagnostic context:
    Lid: 18969   EcDoRpcExt2 called [length=214]
    Lid: 27161   EcDoRpcExt2 returned [ec=0x0][length=116][latency=15]
    Lid: 23226   --- ROP Parse Start ---
    Lid: 27962   ROP: ropLogon [254]
    Lid: 17082   ROP Error: 0x3EB    
    Lid: 26937  
    Lid: 21921   StoreEc: 0x3EB    
    Lid: 27962   ROP: ropExtendedError [250]
    Lid: 1494    ---- Remote Context Beg ----
    Lid: 26426   ROP: ropLogon [254]
    Lid: 22086  
    Lid: 27206  
    Lid: 17990  
    Lid: 16966   StoreEc: 0x8004010F
    Lid: 31433   StoreEc: 0x8004010F
    Lid: 8620    StoreEc: 0x3EB    
    Lid: 1750    ---- Remote Context End ----
    Lid: 26849  
    Lid: 21817   ROP Failure: 0x3EB    
    Lid: 26297  
    Lid: 16585   StoreEc: 0x3EB    
    Lid: 32441  
    Lid: 1706    StoreEc: 0x3EB    
    Lid: 24761  
    Lid: 20665   StoreEc: 0x3EB    
    Lid: 25785  
    Lid: 29881   StoreEc: 0x3EB
Source
MSExchangeAdmin
Level
Information
Description
Started to move mailbox 'DDD R1'.
Source Database:/o=Microsoft/ou=AdminGroup/cn=Configuration/cn=Servers/cn=SERVER1/cn=Microsoft Private MDB
Destination Database:/o=Microsoft/ou=AdminGroup/cn=Configuration/cn=Servers/cn=SERVER2/cn=Microsoft Private MDB
Exchange DN: /o=Microsoft/ou=AdminGroup/cn=Recipients/cn=Alias
Source
MSExchangeCluster
Level
Error
Description
<resource name>: Failed to perform the resource control function "<code>".
Source
MSExchangeDiagnostics
Level
Error
Description
The performance counter '\\VSS2\LogicalDisk(HarddiskVolume1)\Free Megabytes' sustained a value of '87.00', for the '15' minute(s) interval starting at '12/14/2013 9:22:00 PM'. Additional information: None. Trigger Name:DatabaseDriveSpaceTrigger. Instance:harddiskvolume1
Source
NAIMSERV350
Level
Error
Description
Initialize Data Abstraction Layer Failed.
Source
NfsServer
Level
Error
Description
Server for NFS is not configured for either Active Directory Lookup or User Name Mapping.

Without either Active Directory Lookup or User Name Mapping Server for NFS cannot grant file access to users.

Configure Server for NFS for either Active Directory Lookup or User Name Mapping using the Nfsadmin command-line tool.
Source
NVRAIDSERVICE
Level
Error
Description
Access failure: Critical error on disk <disk name> (Port <port>).
Source
RemoteNT
Level
Error
Description
The parameter is incorrect. (87)
Source
Save Dump
Level
Information
Description
The computer has rebooted from a bugcheck. A dump was not saved.
Source
SBCore
Level
Error
Description
The License Logging Service could not be restarted. The server will shut down in <minutes> minutes if the service isn't started.
Source
SceSrv
Level
Error
Description
Notification of policy change from LSA/SAM was processed without verifying PDC. Older security policy from this machine may be replicated out to other DCs. Error 53 to verify policy synchronization with PDC.

For more information see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Source
SLnet
Level
Error
Description
The telnet negotiation has failed.
Source
SNA Base Service
Level
Error
Description
Unable to access configuration information.
Source
TermServDevices
Level
Error
Description
The printer could not be installed.
Source
TermService
Level
Error
Description
The terminal server received large number of incomplete connections.  The system may be under attack.
Source
TWPOPUP.DLL
Level
Error
Description
The following requested video mode was not available: 1600 x 1200 x 8BBP.
The video mode has been set to the following mode 1280 x 1024 x 8BPP.
License not installed for requested video mode.
Source
Userenv
Level
Error
Description
Windows cannot bind to <domain name> domain. (Invalid Credentials). Group Policy processing aborted.
Source
WBLOGSVC
Level
Error
Description
The Web Logging Service failed to log an event with error <error code>.
Source
Windows Product Activation
Level
Information
Description
You have successfully activated your Windows product. Thank you.
Source
Windows Search Service
Level
Error
Description
The Windows Search Service has failed to create the SystemIndex search index. Internal error <7 0x80004002 Generic Error: 141>.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...