Windows security log

Enter eventvwr.msc during operation to open the event log.

Login type Description
2 Interaction (keyboard and screen login system)
3 Network (that is, connect to the shared folder from other places (Internet on this computer)
4 Batch processing (i.e. scheduled tasks)
5 Service (service start)
7 Unlock password protection screen saver Program (i.e. unnattended workstation)
8 NetworkCleartext (login credentials are sent in plain text. It usually means the same as “basic Authentication” to log in to IIS)
9 NewCredentials such as RunAs or mapped network drives to replace credentials. This login type does not appear to appear in any event
10   Terminal Services, Remote Desktop or Remote Assistance
11 Cachedinteractive (logging in to a laptop and other remote networks with cached domain login credentials

Common Windows event ID description

In the information recorded in the Windows event log, the key elements include event level, recording time, event source description, involved users, Computer, operation code and task category, etc. The ID of the event is related to the version of the operating system. The operating system of the event ID listed below is the version after Vista/win7/win8/win10/server2008/server2012

< td>Clean up the audit log

< td>Account login failed

< td>Add members to security-enabled universal groups

< /tr>

Event ID Description
1102
4624 The account is successfully logged in
4625
4768 kerberos authentication (TGT Request)
4769 kerberos service ticket request
4776 NTLM authentication
4720 Create user
4726 Delete User
4728 Add members to a security-enabled global group
4729

Remove members from the safe entire crew
4732 Add members to the security-enabled local group
4733 Remove members from security-enabled local groups
4756
4757 Remove members from security-enabled universal groups
4719 System audit policy modification

WordPress database error: [Table 'yf99682.wp_s6mz6tyggq_comments' doesn't exist]
SELECT SQL_CALC_FOUND_ROWS wp_s6mz6tyggq_comments.comment_ID FROM wp_s6mz6tyggq_comments WHERE ( comment_approved = '1' ) AND comment_post_ID = 5612 ORDER BY wp_s6mz6tyggq_comments.comment_date_gmt ASC, wp_s6mz6tyggq_comments.comment_ID ASC

Leave a Comment

Your email address will not be published.