IPS event store

Hi,
We have an IPS 4240. We do not have any SNMP logging, but there are many alerts of high severity and we would like to know all that is of high severity. But when we query the event viewer, it shows only the last 3 days. Does this mean the logs are getting overwritten?
  section Cumulative number of each type of event
        Status events 78455
        Shun request events 0
        Error events, warning 447
        Error events, error 480
        Error events, fatal 0
        Alert events, informational 2137338
        Alert events, low 60847
        Alert events, medium 292
        Alert events, high 5199
        Alert events, threat rating 0-20 239092
        Alert events, threat rating 21-40 1898253
        Alert events, threat rating 41-60 64126
        Alert events, threat rating 61-80 1413
        Alert events, threat rating 81-100 792
Is there any way we can get information on all the 792 high severity events if they are not sent to any logging server?
What is the capacity of the event store? Can we set the event store so that it stores only events of high severity rather than all informational events as well?
Rgds,
Tauseef

Hello,
Events generated are stored locally in the event store of the IPS.
This event store has limited storage so old events will get overwritten with new ones.
Hence we can actually retrieve the events from the IPS using the TCP-based SDEE protocol if one wishes to store all the events.
https://supportforums.cisco.com/docs/DOC-12515
This can be done using:
1. IPS Manager express (IME). Free download on cisco.com
2. MARS
3. External SDEE server.
What software are you using to view events?
Just use IME to view the events from the IPS.
And IME can store events from the IPS locally on the hard drive of the machine on which it's installed.
You can filter to view only high-severity events.
Sid Chandrachud
Cisco TAC - Security Team.

Similar Messages

  • Popularity trend/usage report is not working in sp2013. Data was not being processed to EVENT STORE folder which was present under the Analytics_GUID folder.

    Hi
    I am working in a SharePoint migration project. We have migrated one SharePoint project from MOSS 2007 to SP2013. The issue is when we are clicking on Popularity trend > usage report, it is throwing an error.
    Issue: The data was not being processed to EVENT STORE folder which was present under the
    Analytics_GUID folder. Also data was not present in the Analytical Store database.
    In the log viewer I have found the below error.
    HIGH -
    SearchServiceApplicationProxy::GetAnalyticsEventTypeDefinitions--Error occured: System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly
    secured fault was received from the other party.
    UNEXPECTED - System.ServiceModel.FaultException`1[[System.ServiceModel.ExceptionDetail,
    System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]: We're sorry, we weren't able to complete the operation, please try again in a few minutes.
    HIGH - Getting Error Message for Exception System.Web.HttpUnhandledException
    (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party.
    CRITICAL - A failure was reported when trying to invoke a service application:
    EndpointFailure Process Name: w3wp Process ID: 13960 AppDomain Name: /LM/W3SVC/767692721/ROOT-1-130480636828071139 AppDomain ID: 2 Service Application Uri: urn:schemas-microsoft-
    UNEXPECTED - Could not retrieve analytics event definitions for
    https://XXX System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]: We're sorry, we weren't able to complete the operation, please try again in a few minutes.
    UNEXPECTED - System.ServiceModel.FaultException`1[[System.ServiceModel.ExceptionDetail,
    System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]: We're sorry, we weren't able to complete the operation, please try again in a few minutes.
    I have verified a few things in the server which are mentioned below:
    Two timer jobs (Microsoft SharePoint Foundation Usage Data Processing, Microsoft SharePoint Foundation Usage Data Import) are running fine.
    APPFabric Caching service has been started.
    Analytics_GUID folder has been shared with WSS_ADMIN_WPG and WSS_WPG and Read/Write access was granted.
    .usage files are getting created and also the temporary(.tmp) file has been created.
    Usage logging database for usage data being transported. The data is available.
    Please provide pointers on what needs to be done.

    Hi Nabhendu,
    According to your description, my understanding is that you could not use popularity trend after you migrated SharePoint 2007 to SharePoint 2013.
    In SharePoint 2013, the analytics functionality is a part of the search component. There is an article for troubleshooting SharePoint 2013 Web Analytics, please take a look at:
    Troubleshooting SharePoint 2013 Web Analytics
    http://blog.fpweb.net/troubleshooting-sharepoint-2013-web-analytics/#.U8NyA_kabp4
    I hope this helps.
    Thanks,
    Wendy
    Wendy Li
    TechNet Community Support

  • My calendar will no longer let me add new events or delete them; it comes up with an error saying "cannot save event, no end date set" or "event does not belong to that event store". Can anyone help with this?

    My calendar will no longer let me add new events or delete them; it comes up with an error saying "cannot save event, no end date set" or "event does not belong to that event store". Can anyone help with this?

    Hi,
    To configure your ODBC DataSource, go to Control Panel ---> DataSources(ODBC) (If you are in a Windows environment).
    Select the tab System DSN. If you have not added your data source, then do so by clicking on the Add button. If you have added the datasource, click on the Configure button to configure it.
    Give the datasource name, then the database name.
    You have to give the hostname, service name and server name. I guess, in most cases, the datasource name and host name will be the same, service name and server name will be the same. If you are using TCP/IP, the protocol will be onsoctcp.
    There will be a file named Services under C:\WINNT\system32\drivers\etc where you have to give the port number for accessing this server.
    It will be like this <service name> <portnumber>/tcp
    Hope this helps...
    best wishes,
    Nish

  • Calendar on iOS 7.1: Cannot Save Event - That event does not belong to that event store.

    Hi All,
    I have an iPhone 5 running iOS 7.1.
    Yesterday, while updating a birthday in the iPhone iOS calendar app (default calendar = GMail), I noticed that the new 'List View' in the iOS 7.1 calendar (and only that view) showed an event called 'New Event' - which has a start date of 2014 and an end date of 2001. If I go into that event, it will show me no title and no location - only, as mentioned, funny start and end times. The 'Delete Event' button is completely missing. This 'New Event' does not come up in any other view.
    Trying to input a fictitious title with a valid start and end time into that event slot leads to a message from the calendar app saying: "Cannot Save Event - That event does not belong to that event store." I have deleted all calendars and re-added them again via settings, with / without soft and hard reset, and tried every possible combination. Yet the event will not disappear.
    The funny thing is that this 'New Event' still showed up, even when my GMail, work and iCloud calendars were disabled. I have, however, subscribed to a GMail calendar for Australian holidays, and there is a built-in 'Birthday' calendar that pulls the dates from the contacts (I do not use that contact field, though).
    Does anyone have a similar issue? Any suggestions how to fix it?
    Thanks in advance!
    Edit: This 'New Event' does not seem to sync to any calendar other than on the iPhone - not to Gmail, not to work, not to iCloud.

    Had the same problem. Although the phone looks off, it actually isn't. If you actually turn it off and then on again this problem will disappear. I think it's a memory overload issue that is solved by clearing the memory by turning it off.
    Worked for me

  • I have a problem with iCal. Since 2 days ago, I couldn't add a new event in iCal on my iPad 2. It keeps saying "No calendar has been set", then if I go to the Calendar field and choose one calendar, it gives this msg: "That event doesn't belong to that event store".

    I have a problem with iCal. Since 2 days ago, I couldn't add a new event in iCal on my iPad 2. It keeps saying "No calendar has been set", then if I go to the Calendar field and choose one calendar, it gives this msg: "That event doesn't belong to that event store". I can add events from iCloud and from my iCal on my iMac. Please help.

    Most likely you have Office 2004 which are PPC-only applications and will not work in Lion. Upgrade to Office 2011. Other alternatives are:
    Apple's iWork suite (Pages, Numbers, and Keynote.)
    Open Office (Office 2007-like suite compatible with OS X.)
    NeoOffice (similar to Open Office.)
    LibreOffice (a new direction for the Open Office suite.)

  • Initial Time Machine Backup. Event Store UUIDs Don't Match.

    This is an initial backup and 25% (about 100 GBs) of the backup completed in 1 Hour. The remaining 75% (about 300 GBs) is stuck at the same place for 9 hours now.
    I'm working on a MBP Mid-2009 15", 3.06 Ghz Intel Core 2 Duo, Mac OS X 10.5.8.
    All software is up-to-date.
    Backup Drive is a Seagate 2GB (USB), Formatted for Mac OS Extended (Journaled)
    No 3rd Party Backup Software or 3rd Party Security installed.
    Spotlight has already been re-indexed.
    Name of Computer is: MBP 2013
    Time Machine Buddy indicates only that the Event Store UUIDs Don't Match. No error messages. Other discussion posts say wait. Any other suggestions? Is there a way to reset the Event Store UUIDs?

    Well, I dislike TM myself, never use it due to all its quirks, and even IF it appears to work, when it comes time to use it/rely on it, you may find more quirks or it nearly impossible to use.
    If you wish to continue trying TM, I'll certainly try to help, or even ask for help from others, but...
    Get carbon copy cloner to make an exact copy of your old HD to the New one...
    http://www.bombich.com/software/ccc.html
    Or SuperDuper...
    http://www.shirt-pocket.com/SuperDuper/
    Or the most expensive one & my favorite, Tri-Backup...
    http://www.tri-edre.com/english/tribackup.html
    Does everything TM & the others can do & much more.

  • I keep getting error messages on the calendar since downloading the new software on my iPad 2. It either says "cannot save event. That event does not belong to that event store" or I get an error message that says that no calendar "has been set".

    I keep getting error messages on the calendar since I downloaded the new software on my iPad 2. When I try to add a new event it either says "That event does not belong to that event store" or it says "the calendar has not been set". Does anyone know what these messages mean or how to address this?

    I'm getting the same issue on my iPad 2... I set up a new calendar and now I keep getting this error message.... How do I fix this?

  • 4215 Java error: When connecting from IPS event viewer

    Hello-
    I received a java error when trying to connect to my 4215 with Cisco IPS event viewer. It is as follows:
    IOException in open Subscription(): java.security.cert.CertificateExpiredException: NotAfter: Sunday March 29
    Is the web server running on 10.x.x.x:443? Please check the communication parameters of the device.
    I can set the date on my PC back to last week and all works fine like before. I have tried updating my Java to the latest version and created a new certificate from the IPS.
    Any help would be greatly appreciated.
    Thanks

    Hi,
    The issue can be resolved by following the steps below:
    1. Log in to the sensor.
    2. Run the tls generate-key command.
    3. Make sure the certificate is generated.
    4. Add the device again. It should work now.
    Ref: http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_qanda_item09186a008025c533.shtml
    Do rate if it helped.
    Regards
    Sridhar

  • When attempting to add an event to my calendar and I press "Done," I receive a message that reads "Cannot Save Event." "That event does not belong to that event store." What can I do to remedy this issue?

    When attempting to add an event to my calendar and I press "Done," I receive a message that reads "Cannot Save Event," "That event does not belong to that event store." How do I remedy this problem so I can add events and appointments to my calendar?

    I am having the exact same problem, same messages ("no end date set"; "cannot save"; "no calendar set"; "event does not belong to that event store").
    It is unbelievable to me that this issue existed so long ago and hasn't been fixed. I just bought my first Apple product (iPhone 4S) and am ready to toss it. Despite hours of searching on these forums I have been unable to find out how to fix my calendar. I have rebooted and adjusted settings to no avail. Without a calendar, I can't use this product. Also, I am not technologically brilliant and can't handle the advanced fixes that some people recommend.
    Question: is Apple a product for the ignorant like me? Or should I go back to a nuts-and-bolts PC?
    All I really want is to be able to use the calendar without "uploading, reprogramming, contacting support offices for 3 hours, contacting network administrators, upgrading, switching fonts, changing operating systems.... etc." I am just a regular person who needs a portable calendar.
    Sorry to vent, but can anybody tell me (in simple terms) how to get my calendar to accept a simple appointment?
    Thank you.

  • IPS Event Viewer

    Hi,
    I can't seem to be able to view informational events in the IPS Event Viewer real-time dashboard; they don't appear. Under the monitoring tab on the sensor I can see them no problem. If I change the signature alert to either low, medium or high I get them no problem. Also, if I enable the graph in IEV I can see them in blue. They just won't appear in the Real Time dashboard.
    Does anybody have any ideas? I've also enabled the box to allow me to view them in IEV. I'm on a 4215 sensor running 5.1.5.
    Thanks in advance for your help!
    Andy

    Hi Andy,
    Open IEV. Click on Tools / Real Time Dashboard / Properties (or Ctrl + P). It appears to me that, upon IEV installation, informational alerts may be excluded by default. Or it is also possible I excluded them on the machine I am looking at.
    I hope this helps,
    Mike

  • Event store issues

    After upgrading my iTunes account on my iPhone I am now having difficulties with my phone's iCal. I cannot create new appointments. It says the calendar is not set up and also reports event store issues. How do I fix this?

    I have recently merged all my photos c6500 into one event and I was then splitting them back into years. This worked OK for the first two splits, but on the 3rd year I selected a photo being the first in the next year and then pressed event split. The application immediately booted me out and now does not work.

  • CSM Alarming for IPS Events

    Hi Community,
    I'm new to Cisco Security Manager. Is it possible to trigger an email alarm when a high-risk IPS event comes in? How can I configure this task?
    Thank you,
    Florian

    Hi Miguel,
    Sadly I haven't found email alarming directly in CSM. I solved it this way:
    I configured a trap receiver directly in the Cisco IPS module. Every high-risk event triggers an SNMP trap. On the trap receiver itself I configured email alarming for when this trap comes in. Now the administrator is informed and can log in to CSM and do deeper analysis of the event with the CSM software.
    Best Regards,
    Florian

  • IPS Event Viewer settled in CSM

    Hi,
    I am working on preparing CSM to launch it by June, so I am in quite a hurry.
    Moreover, I have got into trouble with IPS Event Viewer, so if you have any clues after checking the explanation below, please let me have them.
    1) Situation
    - testing CSM (3.1) and IPS Event Viewer (ver 5.2)
    - made a test environment in which an IPS is connected to CSM, and let the IPS raise alarms to check if IEV is working well
    2) Problem
    - No events are registered on the real-time table even though some events are being updated on the Dashboard in real time.
    3) Question
    - What is wrong?
    - What is the solution?
    If you want any further information on this problem, please ask me.
    Thank you.

    hello,
    I am having the same problem. Have you managed to solve it?
    Appreciate your help.

  • How to copy Event store in AIP-ssm20 to TFTP

    Hi ,
    I can see all the logs stored in the Cisco IPS module AIP-SSM20.
    How can I take a backup of these logs to TFTP/FTP?
    Is there any method to export these logs to an external location such as a TFTP or FTP location?
    Regards,
    Prashant

    Hi,
    You can use IME or send the events via SDEE to an external server.
    https://supportforums.cisco.com/docs/DOC-12515
    HTH
    Luis Silva
    "If you need PDI (Planning, Design, Implement) assistance feel free to reach"
    http://www.cisco.com/web/partners/tools/pdihd.html

  • IPS event monitor and reports not working

    Dear all, after upgrading my IPS from E3 to E4, the event monitor and reports are not working. Can you please advise me on how to solve this issue?

    Hi All,
    Filter settings below:
    The filter works partially as I don't get alerts on the IPS itself.
    Firewall LOG:
    4          Feb 14 2014          15:33:22                              39715                    514          IPS requested to drop UDP packet from SOURCE_VLAN_NUMBER:/39715 to DESTINATION_VLAN_NUMBER:/514
    IPS LOG (when enabled):
    evIdsAlert: eventId=1352793300955167909  vendor=Cisco  severity=low 
      originator:  
        hostId: SSM02 
        appName: sensorApp 
        appInstanceId: 1192 
      time: Feb 14, 2014 15:33:22 UTC  offset=0  timeZone=GMT00:00 
      signature:   description=IP Fragment Too Small  id=1206  version=S212  type=anomaly  created=20030801 
        subsigId: 0 
        sigDetails: Too many small IP fragments in datagram 
      interfaceGroup: vs0 
      vlan: 0 
      participants:  
        attacker:  
          addr: 172.x.x.x  locality=OUT 
          port: 39715 
        target:  
          addr: x.x.x.x  locality=OUT 
          port: 514 
          os:   idSource=unknown  type=unknown  relevance=relevant 
      alertDetails: InterfaceAttributes:  context="single_vf" physical="Unknown" backplane="GigabitEthernet0/1" ; 
      riskRatingValue: 50  targetValueRating=medium  attackRelevanceRating=relevant 
      threatRatingValue: 50 
      interface: GigabitEthernet0/1  context=single_vf  physical=Unknown  backplane=GigabitEthernet0/1 
      protocol: udp 
    Our next step is to make a service policy exception on the firewall itself. We are also considering reloading the IPS device or at least the analysis engine.
    Thanks for all your help so far. Any more suggestions are most welcome. I'll keep you up to date.
    Regards
    Mariusz
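    As an added example (not code from Cisco, IME, or any poster in these threads), this is the viewer-side severity filter that the first thread describes, applied to records in the "show events" text layout quoted in the post above. The two records, the PLACEHOLDER-SIG signature, the second event ID and all addresses are constructed for the example; the 81-100 threshold mirrors the sensor's top threat-rating counter bucket.

```python
import re
from dataclasses import dataclass
from typing import List

# Constructed sample in the CLI "show events" text layout quoted above; the
# second record's signature, IDs and all addresses are placeholders.
SAMPLE = """\
evIdsAlert: eventId=1352793300955167909  vendor=Cisco  severity=low
  time: Feb 14, 2014 15:33:22 UTC  offset=0  timeZone=GMT00:00
  signature:   description=IP Fragment Too Small  id=1206  version=S212  type=anomaly  created=20030801
  participants:
    attacker:
      addr: 172.0.2.10  locality=OUT
    target:
      addr: 10.0.0.5  locality=OUT
  threatRatingValue: 50
evIdsAlert: eventId=1352793300955167910  vendor=Cisco  severity=high
  time: Feb 14, 2014 15:40:01 UTC  offset=0  timeZone=GMT00:00
  signature:   description=PLACEHOLDER-SIG  id=99999  version=S212  type=other  created=20030801
  participants:
    attacker:
      addr: 172.0.2.11  locality=OUT
    target:
      addr: 10.0.0.5  locality=OUT
  threatRatingValue: 90
"""

@dataclass
class Alert:
    event_id: str
    severity: str
    sig_id: str
    description: str
    attacker: str
    target: str
    threat_rating: int

def parse_show_events(text: str) -> List[Alert]:
    """Split the text into evIdsAlert records; lines are 'key: value  attr=val ...'."""
    alerts = []
    for block in re.split(r"^(?=evIdsAlert:)", text, flags=re.M):
        if not block.startswith("evIdsAlert:"):
            continue
        def attr(name: str) -> str:  # first 'name=value' in this record
            m = re.search(rf"\b{name}=(.+?)(?=\s{{2,}}|\s*$)", block, re.M)
            return m.group(1) if m else ""
        # attacker addr precedes target addr inside the participants subtree
        addrs = re.findall(r"^\s+addr:\s+(\S+)", block, re.M)
        tr = re.search(r"^\s+threatRatingValue:\s+(\d+)", block, re.M)
        alerts.append(Alert(
            event_id=attr("eventId"), severity=attr("severity"),
            sig_id=attr("id"), description=attr("description"),
            attacker=addrs[0] if addrs else "",
            target=addrs[1] if len(addrs) > 1 else "",
            threat_rating=int(tr.group(1)) if tr else 0))
    return alerts

def keep_high(alerts: List[Alert], min_threat: int = 81) -> List[Alert]:
    """The filter IME applies on the viewer side: keep severity=high alerts and
    anything in the sensor's top threat-rating bucket (81-100), i.e. the events
    worth exporting over SDEE before the event store wraps and overwrites them."""
    return [a for a in alerts if a.severity == "high" or a.threat_rating >= min_threat]
```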
