Advanced Search

Find Events that have all these words: this exact phrase: and log type equals to: select Any Windows Event Log VMware Infrastructure Events and log name equals to: select Application Security System InTrust for AD InTrust for Exchange Quest File Access Audit and event type equals to: select Any Success Error Warning Information Success Audit Failure Audit and source equals to: and category equals to: select Any and task category equals to: select Any Account Lockout Application Generated Application Group Management Audit Policy Change Authentication Policy Change Authorization Policy Change Central Access Policy Staging Certification Services Computer Account Management Credential Validation Detailed Directory Service Replication Detailed File Share Directory Service Access Directory Service Changes Directory Service Replication Distribution Group Management DPAPI Activity Event Processing File Share File System Filtering Platform Connection Filtering Platform Packet Drop Filtering Platform Policy Change Group Membership Handle Manipulation IPsec Driver IPsec Extended Mode IPsec Main Mode IPsec Quick Mode Kerberos Authentication Service Kerberos Service Ticket Operations Kernel Object Log Automatic Backup Log Clear Logoff Logon MPSSVC Rule-Level Policy Change Network Policy Server Non Sensitive Privilege Use Other Account Logon Events Other Account Management Events Other Logon/Logoff Events Other Object Access Events Other Policy Change Events Other Privilege Use Events Other System Events Plug and Play Events Process Creation Process Termination Registry Removable Storage RPC Events SAM Security Group Management Security State Change Security System Extension Sensitive Privilege Use Service Shutdown Special Special Logon System Integrity Token Right Adjusted Events User / Device Claims User Account Management and EventID equals to: and classification equals to: select Any Events by Business Needs Events by Sources and OS Version equals to: select Any Windows 2000 Windows XP Windows 2003 Windows Vista (2008) Windows 7 (2008 R2) Windows 8 (2012) Windows 8.1 (2012 R2) Windows 10 (2016) But don't show events that have any of these unwanted words: this exact phrase: