These events are logged by IIS, Exchange Server and MSSQL server. Most Microsoft server applications (Backoffice) log extensive information to the event log and can thus be monitored very nicely with EventSentry.
Event Log |
ID |
Type |
Source |
Category |
Message |
Application |
2219 |
Warning |
MSExchangeMTA |
Field Engineering |
The MTA is running recovery on the internal message database because the MTA was not shut down cleanly. This operation may take some time. Status updates will be written to the Windows 2000 Event Log. [DB Server MAIN BASE 1 0] (14) |
Application |
5 |
Error |
MSExchangeES |
General |
An unexpected MAPI error occurred. Error returned was [0x800401548] |
Application |
12002 |
Error |
MSExchangeIS |
Content Engine |
Error 8004011B-82000387 occurred while processing message <> from 'somebody@aol.com' |
Application |
1025 |
Warning |
MSExchange IS Mailbox Store |
General |
An error occurred on database "First Storage Group\Mailbox Store (SERVER1)". Function name or description of problem: Restrict/SetSearchCriteria Error: -1102 Warning: fail to apply search optimization to folder (FID 1-3619001) Retrying without optimization. |
System |
2 |
Information |
IISCTLS |
IIS stop command received from user DOMAIN\User. The logged data is the status code. |
|
System |
4 |
Information |
IISCTLS |
IIS kill command received from user DOMAIN\User. The logged data is the status code. |
|
System |
105 |
Error |
W3SVC |
The server was unable to register the administration tool discovery information. The administration tool may not be able to see this server. The data is the error code. |
|
System |
100 |
Warning |
W3SVC |
The server was unable to logon the Windows NT account 'myaccount' due to the following error: Logon failure: unknown user name or bad password. The data is the error code. |
|
Application |
1051 |
Error |
IMAP4SVC |
General |
Unexpected error condition: call to function CEncryptCtx::CheckServerCert() resulted in error code 0x800cc000. |
System |
50 |
Error |
TermDD |
The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client. |
|
System |
36871 |
Error |
Schannel |
A fatal error occurred while creating an SSL server credential. |
|
System |
36872 |
Warning |
Schannel |
No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the diretory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. |
|
System |
36874 |
Error |
Schannel |
An SSL connection request was received from a remote client application, but none of the ciper suites supported by the client application are supported by the server. Ths SSL connection request has failed. |
|
Application |
17052 |
Information |
MSSQL$Instance |
Error: 154557, Severity: 0, State: 1 Configuration option 'show advanced options' changed from 0 to 1. Run the RECONFIGURE statement to install. |
|
Application |
17055 |
Information |
MSSQL$Instance |
19013: SQL server listening on TCP, Shared Memory, Named Pipes. |
|
Application |
17055 |
Information |
MSSQL$Instance |
17126: SQL Server is ready for client connections |
|
Application |
17055 |
Information |
MSSQL$Instance |
19013: SQL Server listening on 34.234.34.32: 3431 |
|
Application |
208 |
Information |
SQLSERVERAGENT |
SQL Server Scheduled Job 'EventSentry Database Purge' (0x3DF88F31AB6B4C4F8FD0574F29FF3B48) - Status: Succeeded - Invoked on: 2004-06-22 11:30:00 - Message: The job succeeded. The Job was invoked by Schedule 3 (Default). The last step to run was step 1 (Delete records older than 90 days). |
Strings in italic may vary depending on what triggered the event
