2014-03-10 20:08:31 p3518 AUDIT_SUCCESS 4735 A security-enabled local group was changed. Subject: Security ID: S-1-5-18 Account Name: p3518$ Account Domain: WORKGROUP Logon ID: 0x3e7 Group: Security ID: S-1-5-32-550 Group Name: Print Operators Group Domain: Builtin Changed Attributes: SAM Account Name: Print Operators SID History: - Additional Information: Privileges: - 2014-03-10 20:03:43 sellersville AUDIT_SUCCESS 4781 The name of an account was changed: Subject: Security ID: S-1-5-18 Account Name: sellersville$ Account Domain: WORKGROUP Logon ID: 0x3e7 Target Account: Security ID: S-1-5-32-550 Account Domain: Builtin Old Account Name: Print Operators New Account Name: Print Operators Additional Information: Privileges: - 2014-03-10 20:04:06 demo1976 AUDIT_SUCCESS 4647 User initiated logoff: Subject: Security ID: S-1-5-21-1094972579-1599888189-3909273292-500 Account Name: Eloise Account Domain: demo1976 Logon ID: 0x136b2

<40>Mar 10 2014 20:06:26 : %ASA-2-106006: Deny inbound UDP from 119.58.34.210/17724 to 119.58.34.210/17724 on interface tun1 <40>Mar 10 2014 20:04:19: %PIX-6-302016: Teardown UDP connection 329619680 for tun3:170.90.95.36/20340 to tun3:170.90.95.36/20340 duration 0:00:01 bytes 329619680 <40>Mar 10 2014 20:04:23: %PIX-6-609001: Built local-host ppp4:219.28.40.239 <40>Mar 10 2014 20:04:32: %PIX-3-305005: No translation group found for udp src outbound:224.70.153.15/8755 dst outbound:224.70.153.15/8755 <40>Mar 10 2014 20:04:34: %PIX-6-110001: No route to 114.159.85.58 from 114.159.85.58 <40>Mar 10 2014 20:04:42: %PIX-6-302017: Built inbound GRE connection 250582528 from ppp0:194.180.90.242 (194.180.90.242) to ppp0:194.180.90.242/10116 (194.180.90.242/10116) <40>Mar 10 2014 20:04:45: %PIX-4-406002: FTP port command different address: 7.49.172.82(7.49.172.82) to 7.49.172.82 on interface ppp4

[ 1.352717] sda: sda1 sda2 < sda5 > [ 1.353702] sd 2:0:0:0: [sda] Cache data unavailable [ 1.353704] sd 2:0:0:0: [sda] Assuming drive cache: write through [ 1.353765] sd 2:0:0:0: [sda] Attached SCSI disk [ 1.653317] PM: Starting manual resume from disk [ 1.653320] PM: Resume from partition 8:5 [ 1.653320] PM: Checking hibernation image. [ 1.653485] PM: Error -22 checking image file [ 1.653486] PM: Resume from disk failed. [ 1.664655] kjournald starting. Commit interval 5 seconds [ 1.664668] EXT3-fs: mounted filesystem with ordered data mode. [ 2.706021] udev[402]: starting version 164 [ 2.905953] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2 [ 2.905974] ACPI: Power Button [PWRF] [ 2.909617] ACPI: AC Adapter [ACAD] (on-line)

2011-12-1512:22:51.000000 4296 INFO Association Request Parameteres: Our Implementation Class UID: 2.16.124.113543.6021.2 Our Implementation Version Name: RZDCX_2_0_1_8 Their Implementation Class UID: Their Implementation Version Name: Application Context Name: 1.2.840.10008.3.1.1.1 Requested Extended Negotiation: none Accepted Extended Negotiation: none 2011-12-1512:22:51.000000 4296 DEBUG Constructing Associate RQ PDU 2011-12-1512:22:51.000000 4296 DEBUG WriteToConnection, length: 310, bytes written: 310, loop no: 1 2011-12-1512:22:51.015000 4296 DEBUG PDU Type: Associate Accept, PDU Length: 216 + 6 bytes PDU header 02 00 00 00 00 d8 00 01 00 00 50 41 43 53 20 20 20 20 20 20 20 20 20 20 20 20 52 5a 44 43 58 20 20 20 20 20 20 20 20 20 20 20 00 00 00 00 00 00 2011-12-1512:22:51.031000 4296 DEBUG DIMSE sendDcmDataset: sending 146 bytes

in24.inetnebr.com - - [01/Aug/1995:00:00:01 -0400] "GET /shuttle/missions/sts-68/news/sts-68-mcc-05.txt HTTP/1.0" 200 1839 uplherc.upl.com - - [01/Aug/1995:00:00:07 -0400] "GET / HTTP/1.0" 304 0 uplherc.upl.com - - [01/Aug/1995:00:00:08 -0400] "GET /images/ksclogo-medium.gif HTTP/1.0" 304 0 uplherc.upl.com - - [01/Aug/1995:00:00:08 -0400] "GET /images/MOSAIC-logosmall.gif HTTP/1.0" 304 0 uplherc.upl.com - - [01/Aug/1995:00:00:08 -0400] "GET /images/USA-logosmall.gif HTTP/1.0" 304 0 ix-esc-ca2-07.ix.netcom.com - - [01/Aug/1995:00:00:09 -0400] "GET /images/launch-logo.gif HTTP/1.0" 200 1713 uplherc.upl.com - - [01/Aug/1995:00:00:10 -0400] "GET /images/WORLD-logosmall.gif HTTP/1.0" 304 0 slppp6.intermind.net - - [01/Aug/1995:00:00:10 -0400] "GET /history/skylab/skylab.html HTTP/1.0" 200 1687 piweba4y.prodigy.com - - [01/Aug/1995:00:00:10 -0400] "GET /images/launchmedium.gif HTTP/1.0" 200 11853 slppp6.intermind.net - - [01/Aug/1995:00:00:11 -0400] "GET /history/skylab/skylab-small.gif HTTP/1.0" 200 9202 slppp6.intermind.net - - [01/Aug/1995:00:00:12 -0400] "GET /images/ksclogosmall.gif HTTP/1.0" 200 3635 ix-esc-ca2-07.ix.netcom.com - - [01/Aug/1995:00:00:12 -0400] "GET /history/apollo/images/apollo-logo1.gif HTTP/1.0" 200 1173 slppp6.intermind.net - - [01/Aug/1995:00:00:13 -0400] "GET /history/apollo/images/apollo-logo.gif HTTP/1.0" 200 3047 uplherc.upl.com - - [01/Aug/1995:00:00:14 -0400] "GET /images/NASA-logosmall.gif HTTP/1.0" 304 0 133.43.96.45 - - [01/Aug/1995:00:00:16 -0400] "GET /shuttle/missions/sts-69/mission-sts-69.html HTTP/1.0" 200 10566 kgtyk4.kj.yamagata-u.ac.jp - - [01/Aug/1995:00:00:17 -0400] "GET / HTTP/1.0" 200 7280 kgtyk4.kj.yamagata-u.ac.jp - - [01/Aug/1995:00:00:18 -0400] "GET /images/ksclogo-medium.gif HTTP/1.0" 200 5866 d0ucr6.fnal.gov - - [01/Aug/1995:00:00:19 -0400] "GET /history/apollo/apollo-16/apollo-16.html HTTP/1.0" 200 2743

05:00:03,173 ERROR [MainServlet:713] com.liferay.portal.kernel.events.ActionException: java.lang.NullPointerException com.liferay.portal.kernel.events.ActionException: java.lang.NullPointerException at com.liferay.portal.events.ServicePreAction.run(ServicePreAction.java:149) at com.liferay.portal.events.EventsProcessor._processEvent(EventsProcessor.java:141) at com.liferay.portal.events.EventsProcessor._process(EventsProcessor.java:118) at com.liferay.portal.events.EventsProcessor.process(EventsProcessor.java:75) at com.liferay.portal.servlet.MainServlet.service(MainServlet.java:693) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:154) at com.liferay.portal.servlet.filters.secure.SecureFilter.processFilter(SecureFilter.java:282) at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:91) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:154) at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:193) at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:91) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:154) at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.doFilter(VirtualHostFilter.java:147) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:154) at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:94) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:738) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)

Having a hard time

managing your

EVENT DATA

Check out our products and services!

To keep up with the

data flow

will

collect,

forward,

store,

parse,

analyze,

correlate...

Trusted by thousands.

csv

gelf

syslog

wndows eventlog

file

w3c

xml

json

cef

kvp

wtmp

odbc

kernel log

uds

http

tcp

udp

tls/ssl

snmp

multi-line

Offering the

flexibility

you are looking for

Providing Log Management solutions for everyone.Check out our products and services.

Get Started Now!

Log Management Solutions

The NXLog Community Edition is one of our open source log management solutions available at no cost. It is available for various platforms including Windows and GNU/Linux. The NXLog Community Edition is used by thousands worldwide from small startup companies to large security enterprises and boasts over 150,000 downloads to date.

In addition to the features that our NXLog Community Edition users love such as the flexibility, low memory footprint and high performance, the NXLog Enterprise Edition contains several enhancements which can be useful in enterprise deployments.

NXLog Manager is a web based application that can be used to manage and monitor your NXLog Enterprise Edition instances from a central console. It comes with a built-in PKI system and makes it easy to configure and manage a large number of agents.

Click below or learn more...

Log Management Solutions

Log Management News

SEC555: SIEM with Tactical Analytics—A Valuable New Course

Announcing NXLog Enterprise Edition v3.0

The disappearing Windows DNS debug log

Structured logging - why should you do that?

Using NXLog with Elasticsearch and Kibana

Windows as a First-Class Centralized Logging Citizen

What Users Say

Our Partners