|
When
|
At what date and time a user activity originated in the system.
|
DateTime
|
1/1/2000
|
|
Who
|
Account or user name under which the activity occured.
|
User
|
SomeUser
|
|
What
|
The type of activity occurred (e.g. Logon, Password Changed, etc.)
|
"Group Member Added"
|
Group Member Added
|
|
Where
|
The name of the workstation/server where the activity was logged.
|
Computer
|
10.10.10.10
|
|
Where From
|
The name of the workstation/server where the activity was initiated from.
|
Client Computer
|
10.0.0.2
|
|
Severity
|
Specify the seriousness of the event.
|
"Medium"
|
Medium
|
|
WhoDomain
|
|
-
|
|
|
WhereDomain
|
|
-
|
|
|
Result
|
Successful or Failed
|
"Successful"
|
Successful
|
|
Object Name
|
|
Object DN
|
CN=Machine,CN={CABC510B-5D32-4202-A000-36ED89222065},CN=Policies,CN=System,DC=research,DC=corp
|
|
Object Type
|
|
Object Class
|
container
|
|
Whom
|
|
New Value
|
Machine
|
|
Property Name
|
LDAP DisplayName of the AD object property
|
Attribute Name
|
CN
|
|
Value Before
|
Property value before the change
|
Old Value
|
<not set>
|
|
Value After
|
Property value after the change
|
InsertionString7
|
Machine
|
|
Whom
|
Target group
|
-
|
|
|
Group Name
|
Group Name
|
InsertionString1
|
CN=Machine,CN={CABC510B-5D32-4202-A000-36ED89222065},CN=Policies,CN=System,DC=research,DC=corp
|
|
Member Name
|
Member Name
|
InsertionString7
|
Machine
|
|
Whom
|
Account or user name being managed.
|
-
|
|