DateTime
|
Date/Time of event origination in GMT format.
|
DateTime
|
10.10.2000 19:00:00
|
Source
|
Name of an Application or System Service originating the event.
|
Source
|
Security
|
Type
|
Warning, Information, Error, Success, Failure, etc.
|
Type
|
Success
|
User
|
Domain\Account name of user/service/computer initiating event.
|
User
|
RESEARCH\Alebovsky
|
Computer
|
Name of server workstation where event was logged.
|
Computer
|
DC1
|
EventID
|
Numerical ID of event. Unique within one Event Source.
|
EventId
|
576
|
Description
|
The entire unparsed event message.
|
Description
|
Special privileges assigned to new logon.
|
Log Name
|
The name of the event log (e.g. Application, Security, System, etc.)
|
LogName
|
Security
|
Category
|
A name for a subclass of events within the same Event Source.
|
Category
|
AttestationReview
|
Whom
|
The object name to which the activity was applied.
|
InsertionString1
|
|
Client Computer
|
|
InsertionString13
|
10.0.0.1
|
Request ID
|
|
InsertionString12
|
{CE149FF1-60EC-45C2-849B-64A41779CB81}
|
Object DN
|
|
InsertionString1
|
CN={CABC510B-5D32-4202-A000-36ED89222065},CN=Policies,CN=System,DC=research,DC=corp
|
Object Class
|
|
InsertionString2
|
groupPolicyContainer
|
Object GUID
|
|
InsertionString3
|
{5ADBBF6C-CC17-4C69-8E3E-A01900C77AAB}
|
Action
|
|
InsertionString4
|
ACE Addition
|
Trustee
|
|
InsertionString6
|
CREATOR OWNER
|
Trustee Type
|
|
InsertionString7
|
Well Known Group
|
Inherited
|
|
InsertionString8
|
No
|
Applied to
|
|
InsertionString9
|
Child objects only
|
Old Access Type
|
|
InsertionString10
|
<not set>
|
New Access Type
|
|
InsertionString11
|
Create All Child Objects, Delete All Child Objects, List Child Objects, All Validated Writes, Read All Properties, Write All Properties, Delete Subtree, List Contents, Delete, Read Permissions, Modify Permissions, Modify Owner
|
Permission Type
|
|
InsertionString5
|
Permission Allow
|