Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 1008

Source
ACECLIENT
Level
Error
Description
Network Timeout - - ACE/Server was responding but has now stopped.
Source
ASP.NET 1.1.4322.0
Level
Error
Description
aspnet_wp.exe (PID: <PID>) was recycled because it failed to respond to ping message.
Source
BINLSVC
Level
Error
Description
BINL service is shutting down because of error <error>.
Source
CDOEXM
Level
Error
Description
Unable to move mailbox "<mailbox>".
Error: The Microsoft Exchange Information Store service could not find the specified object.
Source
CLTMGR
Level
Error
Description
The server was not able to query information about wfica32.exe file from the ICA Client.
Source
Customer Improvement
Level
Error
Description
Details--[Qualifiers]-49152 Version 0 Level 2 Task 0 Opcode 0 Keywords=0x80000000000000 Time Created [System Time]2013-03-20T19:35:41.000000000Z Event Record ID=3425 Execution-[ProcessID] 0
[ThreadID]0 Computer-RCs-PC Event Data-param1 80004005
Source
Dhcp
Level
Error
Description
Your computer was unable to initialize a Network Interface attached to the system. The error code is: <error message>.
Source
DhcpServer
Level
Error
Description
The DHCP server is shutting down due to the following error: <error>.
Source
Exchange Migration
Level
Error
Description
The move-mailbox task for mailbox '<name>' failed.

Error: Failed to copy messages to the destination mailbox store with error:

MAPI or an unspecified service provider.

ID no: 00000000-0000-00000000
Source
IMAP4SVC
Level
Warning
Description
Connection attempt from <ip address> was rejected because the server is configured to have all access take place on a secure channel.

For more information click http://www.microsoft.com/contentredirect.asp.
Data:
0000: af 15 1b 00
Source
MailDSMX
Level
Error
Description
The description for Event ID ( 1008 ) in Source ( MailDSMX ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer.
Source
McLogEvent
Level
Error
Description
The McShield service terminated unexpectedly. Please review event 5019 or 5051 for details. The McShield service will be restarted in <number> seconds.
Source
Microsoft-Windows-CEIP
Level
Error
Description
A problem prevented Customer Experience Improvement Program data from being sent to Microsoft (Error 80004005)
Source
Microsoft-Windows-CEIP
Level
Error
Description
A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Source
ModemSharingPrf
Level
Error
Description
Unable to read the "First Counter" value under the ModemSharingServer\Performance Key. Status code returned in data.
Source
MSExchange ActiveSync
Level
Warning
Description
An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case, Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization.

URL=<url>
Source
MSExchangeAdmin
Level
Error
Description
Unable to move mailbox <mailbox name>. <error message> <error ID>.
Source
MSExchangeIMAP4
Level
Warning
Description
User "<user name>" was prevented connecting to his/her mailbox because the Mailbox Server resides in a different Active Directory site (<active directory site name>) than the Client Access Server (<client access server name>) to which he/she connected. Either arrange for the Client Access server and the Mailbox server to reside in the same site, or change the configuration setting of AllowCrossSiteSessions to true.
Source
MSExchangeMTA
Level
Error
Description
An error occurred while processing an association with entity . The association will be terminated and restarted if necessary. [2 26 PLATFORM KERNEL ]
Source
MSExchangeTransport
Level
Information
Description
RE service instance 1 has been started.
Source
MsiInstaller
Level
Error
Description
The installation of <file name> is not permitted due to an error in software restriction policy processing. The object cannot be trusted.
Source
Perflib
Level
Error
Description
The Open Procedure for service <service> in DLL <dll> failed. Performance data for this service will not be available. Status code returned is DWORD 0.
Source
POP3 Connector
Level
Information
Description
The service is waiting the service threads to finish before proceeding with the service shutdown.
Source
Software Licensing Service
Level
Error
Description
Acquisition of Secure Processor Certificate failed. Status Code=hr=<error code>.
Source
TermService
Level
Error
Description
The terminal services licensing grace period has expired and the service has not registered with a license server. A terminal services license server is required for continuous operation. A terminal server can operate without a license server for <number> days after initial start up.
Source
Winlogon
Level
Error
Description
Failed to load/unload the profile for user <user name>.
Source
winlogon
Level
Error
Description
The Enterprise Root Certificate store could not be updated. (<error code>)

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...