Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstations via the Splunk Universal Forwarder.
MSExchangeIS (1564) A read of the database file C:\exchsrvr\MDBDATA\PRIV.EDB between offsets 0x0000000071058000 and 0x000000007105FFFF failed after 16 failed read attempts with error -1018. There is a software or hardware problem affecting the database drive that must be corrected to preserve database integrity. Contact Microsoft Product Support Services.
For more information, search the Microsoft Knowledge Base at http: Event ID number.
|3 Comments for event id 200 from source ESE97|
The description for Event ID ( 200 ) in Source ( GrooveManagementServer ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: <IID></IID><Details Process="w3wp.exe" HRESULT="0x80004005" EventMessage="Groove Management Server beta period expired".
|1 Comment for event id 200 from source GrooveManagementServer|
No appender could be found for logger (OUTLOOK.CLangResource). Without an appender, log entries will be dropped on the floor.
|1 Comment for event id 200 from source log4cxx|
Windows has shutdown:
Shutdown Duration : <duration>
IsDegradation : <state>
Incident Time (UTC) : <date> <time>.
|1 Comment for event id 200 from source Microsoft-Windows-Diagnostics-Performance|
An error occurred while ASN.1 was decoding an object (dump reference 674). [child length exceeds given maximum 85 2921 1msev 674 MTA XFER-IN 21 98] (14)
|2 Comments for event id 200 from source MSExchangeMTA|
|Source: NTDS ISAM|
NTDS (312) The database engine is starting a full backup.
|1 Comment for event id 200 from source NTDS ISAM|
The version of the schema being used by the Web server (18.104.22.168) is not compatible with the version of the schema being used by the database server (22.214.171.124).
|1 Comment for event id 200 from source UDDIRuntime|