Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1036

Source
BINLSVC
Level
Warning
Description
The Remote Installation service found multiple records for a given GUID. The Remote Installation service will not respond to the client's request. GUID: {<GUID>} First Machine: <machine> Second Machine: <machine>.
Source
ClusSvc
Level
Error
Description
Cluster disk resource 'Disk [Q]:' did not respond to a SCSI inquiry command.
Source
DhcpServer
Level
Error
Description
The DHCP service was unable to create or lookup the DHCP Users local group on this computer. The error code is in the data. 0000: 3d 01 00 00 =...
Source
IMAP4SVC
Level
Warning
Description
An error occurred while starting the Microsoft Exchange IMAP4 Service: server instance number 1 failed to start with error <error code>.
Source
MSExchange ActiveSync
Level
Warning
Description
The proxy request has failed to authenticate on <Exchange Server 2003>. Please ensure that Integrated authentication is turned on.
Source
MSExchange Transport
Level
Error
Description
Inbound direct trust authentication failed for certificate CN=aos05. The source IP address of the server that tried to authenticate to Microsoft Exchange is [192.168.12.8]. Make sure EdgeSync is running properly.
Source
MSExchangeFB
Level
Error
Description
Unable to process and export the Microsoft Schedule+ Free/Busy Connector information for user USER-/CN=RECIPIENTS/CN=<UserID>.
Source
MSExchangeMU
Level
Warning
Description
A conflict exists for SMTP domain in metabase key "/LM/SmtpSvc/1/Domain/example.com". The following object is causing this conflict "CN=example.comCN=Recipient PoliciesCN=First OrganizationCN=Microsoft ExchangeCN=ServicesCN=ConfigurationDC=domainDC=local". This object has higher priority than the existing object in the metabase and it will override the existing object.
Source
MsiInstaller
Level
Error
Description
Windows Installer installed an update. Product Name: Symantec System Recovery 2013. Product Version: 11.0.1.47662. Product Language: 1033. Manufacturer: Symantec Corporation. Update Name: Symantec System Recovery 11.0 SP1 Patch. Installation success or error status: 1625.
Source
NfsSvr
Level
Information
Description
Microsoft Server For NFS Activity Log

Operation: Mount
Result: Failure
Client: <IP address>
File Name: /sysvol/.
Source
POP3 Connector
Level
Error
Description
An error occurred during a POP3 transaction to server < <server> [<account>]>. The error is <error code.> (<error details>).
Source
POP3Svc
Level
Error
Description
An error occurred while starting the Microsoft Exchange POP3 Service: server instance number <value> failed to start with error <error code>.
Source
TermService
Level
Error
Description
Terminal server session creation failed. The relevant status code was <code>.
Source
Userenv
Level
Error
Description
Windows cannot load extension <extension>. (Access is denied. ).
Source
W3SVC
Level
Error
Description
A failure occurred while initializing the configuration manager for the World Wide Web Publiching Service. The data field contains the error number.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...