Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 3006

Source
EvntAgnt
Level
Warning
Description
Error reading log event record. Handle specified is 619064. Return code from ReadEventLog is <error code>.
Source
LoadPerf
Level
Error
Description
Unable to read the performance counter strings of the <language id> language ID. The Win32 status returned by the call is the first DWORD in Data section.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Data:
0000: 02 00 00 00 20 01 00 00 .
Source
Microsoft Search
Level
Error
Description
Performance monitoring for the Gatherer service cannot be initialized, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Rebooting the system may fix the problem.
Source
MSExchangeSA
Level
Information
Description
Policy provider instance processing recipient.
Recipient DN: CN=UserName,CN=Users,DC=contoso,DC=com
Current recipient proxies:
X500:/O=Microsoft/OU=Site1/cn=Recipients/cn=UserName
smtp:<user name>@<domain> CCMAIL:UserName at Site1
MS:MICROSOFT/SITE1/UserName
SMTP:<user name>@Site1.Microsoft.com
X400:c=US;a= ;p=Microsoft;o=Site1;s=<user name>;
Applicable policies:
CN=Default Policy,CN=Recipient Policies,CN=Microsoft,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=contoso,DC=com CN=Site1,CN=Recipient Policies,CN=Microsoft,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=contoso,DC=com
Chosen policy:
CN=Site1,CN=Recipient Policies,CN=Microsoft,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=contoso,DC=com
Proxies of chosen policy:
smtp:@adatum.com
X400:c=US;a= ;p=Microsoft;o=Site1;
SMTP:@Site1.Microsoft.com
MS:MICROSOFT/SITE1
CCMAIL: at Site1
Proxies in change list:
Proxies to generate:
Conflicts during generation:
Proxies generated:
Proxies written to recipient:
Source
Rdr
Level
Warning
Description
The redirector received an SMB that was too short.
Source
SNA Netview Alerter
Level
Error
Description
Error reading log event record. Handle specified is <handle>. Return Code from ReadEventLog is 122.
Source
SNMPELEA
Level
Warning
Description
Error read log event record. Handled specified is <value>. Return code from read event log is <error code>.
Source
WinDefend
Level
Warning
Description
Microsoft Forefront Client Security Real-Time Protection agent has encountered an error when taking action on spyware or other potentially unwanted software.
Error Code: 0x80508022
Error description: To finish removing spyware and other potentially unwanted software, restart the computer.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...