Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Comments for event ID 17 currently in the processing queue.

Note: We have not reviewed this information yet so it is unfiltered, exactly how it was submitted by our contributors.

Event ID: 17
Event Source: IAS cannot be found
Event Type: Error
Event Description: The description for Event ID 17 in Source "IAS" cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer
Comment:
Event ID: 17
Event Source: Active Administrator Agent
Event Type: Error
Event Description:
Event Type:      Error

Event Source:      Active Administrator Agent
Event Category:      None
Event ID:      17
Date:            3/16/2010
Time:            8:29:38 AM
User:            N/A
Computer:      BUSD-DC01
Description:
CActiveAdministratorAgent::DoAgentWork - Unable to open the database.
Cannot generate SSPI context
Error = -2147467259.


Event Type:      Warning

Event Source:      Active Administrator Agent
Event Category:      None
Event ID:      17
Date:            3/16/2010
Time:            8:29:58 AM
User:            N/A
Computer:      BUSD-DC01
Description:
CDBAlertLog::OpenDatabase - Unable to open the database.
Cannot generate SSPI context
Error = -2147467259
Events are being cached and will be inserted into the database when a connection can be established..

Server 2003 Standard Edition Service pack 2
Comment:
Event ID: 17
Event Source: OnlineResponderRevocation
Event Type: Error
Event Description: For configuration XXX Online Responder revocation provider either has no CRL information or has stale CRL information.
Comment: Still looking for a fix....
Event ID: 17
Event Source: CertificationAuthority
Event Type: Error
Event Description: Active Directory Certificate Services did not start: Unable to initialize the database connection for -(SERVERNAME).  Unable to find the file. 0xc8000713 (ESE: -1811).
Comment:
Event ID: 17
Event Source: Active Administrator Agent
Event Type: Error
Event Description: CActiveAdministratorAgent::DoAgentWork - Unable to open the database.
Cannot generate SSPI context
Error = -2147467259
Comment:
Event ID: 17
Event Source: Microsoft-Windows-NetworkDeviceEnrollmentService
Event Type: Error
Event Description: Log Name:      Application
Source:        Microsoft-Windows-NetworkDeviceEnrollmentService
Date:          9/10/2013 2:55:50 PM
Event ID:      17
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      BLIMEY.cert.mtb.com
Description:
The Network Device Enrollment Service cannot retrieve required information such as the transaction ID message type or signing certificate from the client''s PKCS7 message (0x80093102).  ASN1 unexpected end of data.

Comment:
Event ID: 17
Event Source: WHEA-Logger
Event Type: Warning
Event Description: - System

  - Provider

   [ Name]  Microsoft-Windows-WHEA-Logger
   [ Guid]  {C26C4F3C-3F66-4E99-8F8A-39405CFED220}

   EventID 17

   Version 0

   Level 3

   Task 0

   Opcode 0

   Keywords 0x8000000000000000

  - TimeCreated

   [ SystemTime]  2016-10-04T08:38:26.830175700Z

   EventRecordID 33003

  - Correlation

   [ ActivityID]  {E49D190B-56F1-4051-948D-1D34A9B2B020}

  - Execution

   [ ProcessID]  1488
   [ ThreadID]  3840

   Channel System

   Computer YYYY-PC

  - Security

   [ UserID]  S-1-5-19


- EventData

  ErrorSource 4
  FRUId {00000000-0000-0000-0000-000000000000}
  FRUText  
  ValidBits 0xdf
  PortType 4
  Version 0x101
  Command 0x10
  Status 0x407
  Bus 0x0
  Device 0x1c
  Function 0x3
  Segment 0x0
  SecondaryBus 0x0
  Slot 0x0
  VendorID 0x8086
  DeviceID 0xa113
  ClassCode 0x30400
  DeviceSerialNumber 0x0
  BridgeControl 0x0
  BridgeStatus 0x0
  UncorrectableErrorStatus 0x0
  CorrectableErrorStatus 0x1000
  HeaderLog 0100004A040001031000000000000000
  Length 672
  RawData 435045521002FFFFFFFF02000200000002000000A002000019260800040A10140000000000000000000000000000000000000000000000000000000000000000BDC407CF89B7184EB3C41F732CB571311FC093CF161AFC4DB8BC9C4DAF67C104BF4DDBCE061ED20100000000000000000000000000000000000000000000000010010000D0000000000300000100000054E995D9C1BB0F43AD91B44DCB3C6F3500000000000000000000000000000000020000000000000000000000000000000000000000000000E0010000C00000000003000000000000ADCC7698B447DB4BB65E16F193C4F3DB00000000000000000000000000000000030000000000000000000000000000000000000000000000DF0000000000000004000000010100001000070400000000868013A1000403031C00000000000000000000000000000000000000108042010180000007001100134872044200117000B23C00000048000800000000000000370800001004000000000000000000000000000000000000010001140000000000000000110006000010000000000000100000000100004A0400010310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000043010000000000000002000000000000E306050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
  <Provider Name="Microsoft-Windows-WHEA-Logger" Guid="{C26C4F3C-3F66-4E99-8F8A-39405CFED220}" />
  <EventID>17</EventID>
  <Version>0</Version>
  <Level>3</Level>
  <Task>0</Task>
  <Opcode>0</Opcode>
  <Keywords>0x8000000000000000</Keywords>
  <TimeCreated SystemTime="2016-10-04T08:38:26.830175700Z" />
  <EventRecordID>33003</EventRecordID>
  <Correlation ActivityID="{E49D190B-56F1-4051-948D-1D34A9B2B020}" />
  <Execution ProcessID="1488" ThreadID="3840" />
  <Channel>System</Channel>
  <Computer>YYYY-PC</Computer>
  <Security UserID="S-1-5-19" />
  </System>
- <EventData>
  <Data Name="ErrorSource">4</Data>
  <Data Name="FRUId">{00000000-0000-0000-0000-000000000000}</Data>
  <Data Name="FRUText" />
  <Data Name="ValidBits">0xdf</Data>
  <Data Name="PortType">4</Data>
  <Data Name="Version">0x101</Data>
  <Data Name="Command">0x10</Data>
  <Data Name="Status">0x407</Data>
  <Data Name="Bus">0x0</Data>
  <Data Name="Device">0x1c</Data>
  <Data Name="Function">0x3</Data>
  <Data Name="Segment">0x0</Data>
  <Data Name="SecondaryBus">0x0</Data>
  <Data Name="Slot">0x0</Data>
  <Data Name="VendorID">0x8086</Data>
  <Data Name="DeviceID">0xa113</Data>
  <Data Name="ClassCode">0x30400</Data>
  <Data Name="DeviceSerialNumber">0x0</Data>
  <Data Name="BridgeControl">0x0</Data>
  <Data Name="BridgeStatus">0x0</Data>
  <Data Name="UncorrectableErrorStatus">0x0</Data>
  <Data Name="CorrectableErrorStatus">0x1000</Data>
  <Data Name="HeaderLog">0100004A040001031000000000000000</Data>
  <Data Name="Length">672</Data>
  <Data Name="RawData">435045521002FFFFFFFF02000200000002000000A002000019260800040A10140000000000000000000000000000000000000000000000000000000000000000BDC407CF89B7184EB3C41F732CB571311FC093CF161AFC4DB8BC9C4DAF67C104BF4DDBCE061ED20100000000000000000000000000000000000000000000000010010000D0000000000300000100000054E995D9C1BB0F43AD91B44DCB3C6F3500000000000000000000000000000000020000000000000000000000000000000000000000000000E0010000C00000000003000000000000ADCC7698B447DB4BB65E16F193C4F3DB00000000000000000000000000000000030000000000000000000000000000000000000000000000DF0000000000000004000000010100001000070400000000868013A1000403031C00000000000000000000000000000000000000108042010180000007001100134872044200117000B23C00000048000800000000000000370800001004000000000000000000000000000000000000010001140000000000000000110006000010000000000000100000000100004A0400010310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000043010000000000000002000000000000E306050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000</Data>
  </EventData>
  </Event>

Comment:

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...