Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 18

Source
Automatic Updates
Level
Information
Description
Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on <day>, <month> <day>, <year> at <hour>.
<updates>.
Source
avgntflt
Level
Warning
Description
The description for Event ID ( 18 ) in Source ( avgntflt ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description see Help and Support for details. The following information is part of the event: .
Source
BTHUSB
Level
Warning
Description
Windows cannot store Bluetooth link keys on the local transceiver because it cannot determine whether proper security is enabled for the device.
Source
clatf
Level
Warning
Description
[3/ 0/ 1/ 3] Disk reserved.
Data: 0000: ff 00 00 00 02 00 4c 00 .....L. 0008: 00 00 01 00 12 00 05 80 ....... 0010: 3e 0b 00 20 00 00 00 04 >.. .... 0018: 04 06 01 02 ff ff ff ff .... 0020: 00 00 00 00 00 00 00 00 ........
Source
elxsli2
Level
Error
Description
Port 0: Error Attention Interrupt: 40000000, resetting board
Source
i8042prt
Level
Warning
Description
The device sent an incorrect response(s) following a mouse reset.
Source
IAS
Level
Error
Description
An Access-Request was received from client <client> with a signature attribute that is not valid.
Source
Jserial
Level
Error
Description
Parameters subkey was found for user defined data. This is odd, and it also means no user configuration can be found.
Source
KDC
Level
Error
Description
During TGS processing, the KDC was unable to verify the signature on the PAC from <source>. This indicates the PAC was modified.
Source
Microsoft-Windows-WHEA-Logger
Level
Error
Description
A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: Machine Check Exception
Error Type: Unknown Error
Processor ID: 1

The details view of this entry contains further information.
Source
MSExchange OWA
Level
Error
Description
Outlook Web App couldn't connect Exchange Web Services due to a configuration error. Response code = "500".
Source
N100
Level
Information
Description
Adapter HP <NIC> Fast Ethernet NIC #2: Adapter Link Up: 100Mbps Full Duplex.
Source
NSerial
Level
Error
Description
Parameters subkey was found for user defined data. This is odd, and it also means no user configuration can be found.
Source
OFADriver
Level
Error
Description
The description for Event ID ( 18 ) in Source ( OFADriver ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: .
Source
OpenView Log
Level
Error
Description
ovtopmd: Lost connection to master agent. [ID:84 SET:3 MSG:102].
Source
Print
Level
Warning
Description
Document 24, <document name> owned by <user name> was timed out on <printer name>. The spooler was waiting for <number> milli-seconds and no data was received.
Source
psman5
Level
Error
Description
The driver beneath this one has failed in some way for.
Source
Rdacfltr
Level
Error
Description
The driver beneath this one has failed in some way for \Device\Rdac\database\B\P4P0I0\0.
Source
SAVRT
Level
Error
Description
Unable to read the configuration files.
Source
seacom2k
Level
Error
Description
Parameters subkey was found for user defined data. This is odd, and it also means no user configuration can be found.
Source
Serial
Level
Error
Description
No Parameters subkey was found for user defined data. This is odd, and it also means no user configuration can be found.
Source
SNA Server
Level
Error
Description
APPC session activation failure: BIND negative response or UNBIND request received

Sense data   = 083B0001
Connection   = <name>
LU alias     = <name>
PLU alias    = <alias>
Mode name    = <name>.
Source
TermServLicensing
Level
Warning
Description
Terminal Services Licensing on server <server name> has not been activated. Terminal Services Licensing will only issue temporary licenses until the server
is activated.  See Terminal Services Licensing help topic for more information.
Source
W32Time
Level
Error
Description
The time provider NtpClient failed to establish a trust relationship between this computer and the <domain> domain in order to securely synchronize time. NtpClient will try again in 15 minutes. The error was: <error>. (<error code>).
Source
Windows Update Agent
Level
Information
Description
Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on <date> at <time>: <updates>.
Source
WinMgmt
Level
Error
Description
Failed to CoGetClassObject for provider "<application name>". EXE has error in image (<error code>).
Source
WLBS
Level
Error
Description
WLBS : duplicate cluster subnets detected. The network may have been inadvertently partitioned.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...