| Event Id | 465 |
| Source | ESE |
| Description | <process name> (<process id>) <storage group name>Corruption was detected during soft recovery in logfile <file name>. The failing checksum record is located at position <value>. Data not matching the log-file fill pattern first appeared in sector <value>. This logfile has been damaged and is unusable. |
| Event Information | According to Microsoft: EXPLANATION: A transaction log has become corrupted. If the problems in the log file are only torn writes, they will be corrected by the Jet engine. If the problems cannot be repaired, the database rejects rather than applies the data, logging an event in the application log similar to the following: Corruption was detected during soft recovery in the log file. This log file has been damaged and is unusable. This issue can occur if the log mentioned in the Event has become corrupted. Exchange cannot repair damage to log files because of factors other than torn writes, which will be fixed automatically by the ESE engine. Hardware failures that randomly damage a log file cannot be overcome because the data that was obliterated cannot be reliably reconstructed. ESE event 465 indicates damage that cannot be repaired. USER ACTION: 1. Locate a good copy of the damaged log file. There may be another copy on either an Exchange online backup or a recent server backup. 2. Discard the damaged log file and all log files newer than it. Then restore a known good online backup of the Exchange database. You will lose data past the time that the damaged log file was created. 3. If neither solution is feasible, restore the database to consistency using the "hard repair" (/p) functionality of the Eseutil utility, run isinteg -fix until all fixes are removed, and then mount the database and ExMerge to a new, blank database. Before doing this, you should always back up all database files in a Storage Group (*.log files, *.edb files and *.stm files). |
| Reference Links | Exchange (ESE) |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.