Comments for event ID 1198 currently in the processing queue.

Note: We have not reviewed this information yet so it is unfiltered, exactly how it was submitted by our contributors.

Event ID: 1198
Event Source: jolt
Event Type: Error
Event Description: The description for Event ID ( 1198 ) in Source ( jolt ) could not be found. It contains the following insertion string(s):  185735 A12-SAB-DLAP.

Event ID: 1198
Event Source: NTDS Backup
Event Type: Error
Event Description: Internal error: Active Directory failed to restore from backup media.

Additional Data
Error value:
2 (0x2)
The system cannot find the file specified.

For more information see Help and Support Center at

Comment: I got this event after doing a system state restore. Upon rebooting, Active Directory tried to restore the NTDS database when in fact it had already been restored. The solution was to reboot in Directory Services Restore Mode again to delete the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Restore in Progress
