Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Comments for event ID 1123 currently in the processing queue.

Note: We have not reviewed this information yet so it is unfiltered, exactly how it was submitted by our contributors.

Event ID: 1123
Event Source: clussvc
Event Type: Warning
Event Description: The node lost communication with cluster node ''X1ITS-004'' on network ''Public_vlan(2)''.
The node lost communication with cluster node ''X1ITS-004'' on network ''Private_heartbeat
Comment:
event id: 1123 event source: windows defender event type: error event description: eventviewer windefender event 1123 filter works to display notifications for "...has been blocked from modifying ... by controlled folder access." event includes full path to blocked item and thus allows you to add ''allowed app'' in controlled folder access.

i have temporarily posted a screen shot of my event viewer and filter setup in my google drive at https://drive.google.com/openid=1t_2a3pjty0xh7qjqbrrnigwg2p1lzvsw. it will be available at least until the end of 2018.
comment: however event 1123 filter does not work for controlled folder access "blocked... from making changes to memory."

i am seeking event id to locate the window defender event id's for that error notification.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...