Xymon
blite.hope.edu - msgs
Sat Oct 23 04:39:52 2021




 

2021-Oct-23 04:39:50 [blite.hope.edu]

yellow security: failure - 2021/10/23 04:12:00 - Microsoft-Windows-Security-Auditing (4625) - n/a 
 "The description for Event ID ( 4625 ) in Source ( Microsoft-Windows-Security-Auditing
 ) cannot be found. The local computer may not have the necessary registry
 information or message DLL files to display messages from a remote computer. You
 may be able to use the /AUXSOURCE= flag to retrieve this description; see Help
 and Support for details. The following information is part of the event: S-1-5-18;
 BLITE$; WORKGROUP; 0x3e7; S-1-0-0; hope; ?; 0xc000006d; %%2313; 0xc0000064;
 8; Advapi  ; MICROSOFT_AUTHENTICATION_PACKAGE_V1_0; BLITE; -; -; 0; 0xb4c; C:\Windows\System32\svchost.exe;
 -; -."

yellow security: failure - 2021/10/23 04:11:57 - Microsoft-Windows-Security-Auditing (4625) - n/a 
 "The description for Event ID ( 4625 ) in Source ( Microsoft-Windows-Security-Auditing
 ) cannot be found. The local computer may not have the necessary registry
 information or message DLL files to display messages from a remote computer. You
 may be able to use the /AUXSOURCE= flag to retrieve this description; see Help
 and Support for details. The following information is part of the event: S-1-5-18;
 BLITE$; WORKGROUP; 0x3e7; S-1-0-0; blite; ?; 0xc000006d; %%2313; 0xc0000064;
 8; Advapi  ; MICROSOFT_AUTHENTICATION_PACKAGE_V1_0; BLITE; -; -; 0; 0xb4c;
 C:\Windows\System32\svchost.exe; -; -."

yellow security: failure - 2021/10/23 04:11:54 - Microsoft-Windows-Security-Auditing (4625) - n/a 
 "The description for Event ID ( 4625 ) in Source ( Microsoft-Windows-Security-Auditing
 ) cannot be found. The local computer may not have the necessary registry
 information or message DLL files to display messages from a remote computer. You
 may be able to use the /AUXSOURCE= flag to retrieve this description; see Help
 and Support for details. The following information is part of the event: S-1-5-18;
 BLITE$; WORKGROUP; 0x3e7; S-1-0-0; hope; ?; 0xc000006d; %%2313; 0xc0000064;
 8; Advapi  ; MICROSOFT_AUTHENTICATION_PACKAGE_V1_0; BLITE; -; -; 0; 0xb4c; C:\Windows\System32\svchost.exe;
 -; -."

yellow security: failure - 2021/10/23 04:11:52 - Microsoft-Windows-Security-Auditing (4625) - n/a 
 "The description for Event ID ( 4625 ) in Source ( Microsoft-Windows-Security-Auditing
 ) cannot be found. The local computer may not have the necessary registry
 information or message DLL files to display messages from a remote computer. You
 may be able to use the /AUXSOURCE= flag to retrieve this description; see Help
 and Support for details. The following information is part of the event: S-1-5-18;
 BLITE$; WORKGROUP; 0x3e7; S-1-0-0; blite; ?; 0xc000006d; %%2313; 0xc0000064;
 8; Advapi  ; MICROSOFT_AUTHENTICATION_PACKAGE_V1_0; BLITE; -; -; 0; 0xb4c;
 C:\Windows\System32\svchost.exe; -; -."

yellow security: failure - 2021/10/23 04:11:51 - Microsoft-Windows-Security-Auditing (4625) - n/a 
 "The description for Event ID ( 4625 ) in Source ( Microsoft-Windows-Security-Auditing
 ) cannot be found. The local computer may not have the necessary registry
 information or message DLL files to display messages from a remote computer. You
 may be able to use the /AUXSOURCE= flag to retrieve this description; see Help
 and Support for details. The following information is part of the event: S-1-5-18;
 BLITE$; WORKGROUP; 0x3e7; S-1-0-0; blite; ?; 0xc000006d; %%2313; 0xc0000064;
 8; Advapi  ; MICROSOFT_AUTHENTICATION_PACKAGE_V1_0; BLITE; -; -; 0; 0xb4c;
 C:\Windows\System32\svchost.exe; -; -."

yellow security: failure - 2021/10/23 04:11:49 - Microsoft-Windows-Security-Auditing (4625) - n/a 
 "The description for Event ID ( 4625 ) in Source ( Microsoft-Windows-Security-Auditing
 ) cannot be found. The local computer may not have the necessary registry
 information or message DLL files to display messages from a remote computer. You
 may be able to use the /AUXSOURCE= flag to retrieve this description; see Help
 and Support for details. The following information is part of the event: S-1-5-18;
 BLITE$; WORKGROUP; 0x3e7; S-1-0-0; blite; ?; 0xc000006d; %%2313; 0xc0000064;
 8; Advapi  ; MICROSOFT_AUTHENTICATION_PACKAGE_V1_0; BLITE; -; -; 0; 0xb4c;
 C:\Windows\System32\svchost.exe; -; -."


EventLog Statistics:

- application
  15658 events since 928 days (16.87 events/day)
  current size is 0 kb (max size is set to 20480 kb)
  retention is set to : Overwrite events as needed
- hardwareevents
  0 events since 18923 days (0.00 events/day)
  current size is 0 kb (max size is set to 20480 kb)
  retention is set to : Overwrite events as needed
- internet explorer
error : can't get eventlog file path
  0 events since 18923 days (0.00 events/day)
  current size is 0 kb (max size is set to 0 kb)
  retention is set to : Overwrite events as needed
- key management service
error : can't get eventlog file path
  0 events since 18923 days (0.00 events/day)
  current size is 0 kb (max size is set to 20480 kb)
  retention is set to : Overwrite events as needed
- parameters
error : can't get eventlog file path
  0 events since 18923 days (0.00 events/day)
  current size is 0 kb (max size is set to 0 kb)
  retention is set to : Overwrite events as needed
- security
  30241 events since 30 days (1008.03 events/day)
  current size is 0 kb (max size is set to 20480 kb)
  retention is set to : Overwrite events as needed
- state
error : can't get eventlog file path
  0 events since 30 days (0.00 events/day)
  current size is 0 kb (max size is set to 0 kb)
  retention is set to : Overwrite events as needed
- symantec endpoint protection client
error : can't get eventlog file path
  10503 events since 487 days (21.57 events/day)
  current size is 0 kb (max size is set to 8192 kb)
  retention is set to : Overwrite events as needed
- system
  57475 events since 267 days (215.26 events/day)
  current size is 0 kb (max size is set to 20480 kb)
  retention is set to : Overwrite events as needed
- windows powershell
error : can't get eventlog file path
  316 events since 802 days (0.39 events/day)
  current size is 0 kb (max size is set to 15360 kb)
  retention is set to : Overwrite events as needed

Summary:

- Events Analyzed:     11
- Events Matched:       6
- Events Ignored:       0




Status unchanged in 765 days, 18 hours, 56 minutes
Status message received from 209.140.194.79



Xymon 4.3.28