
Additional events for eventmap.txt

Open elhoim opened this issue 10 years ago • 1 comments

Suggestion for additions:

https://www.nsa.gov/ia/_files/app/spotting_the_adversary_with_windows_event_log_monitoring.pdf Has a nice categorized list starting at page 25 with explanations and one page summary with categories / event IDs at page 8.

Other events not listed in it and that might be of interest:

- 4719 - https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4719
- 4679 - https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4697

elhoim avatar Apr 24 '15 06:04 elhoim

Have you added any of these to your copy of eventmap.txt?

Sent from my iPhone7 running iOS 6.5

On Apr 24, 2015, at 2:43 AM, David André [email protected] wrote:

> https://www.nsa.gov/ia/_files/app/spotting_the_adversary_with_windows_event_log_monitoring.pdf Has a nice categorized list starting at page 25 with explanations and one page summary with categories / event IDs at page 8.
>
> Other events not listed in it and that might be of interest:
>
> - 4719 - https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4719
> - 4679 - https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4697


keydet89 avatar Apr 25 '15 00:04 keydet89