DateTime
|
Date/Time of event origination in GMT format.
|
DateTime
|
10.10.2000 19:00:00
|
Source
|
Name of an Application or System Service originating the event.
|
Source
|
Security
|
Type
|
Warning, Information, Error, Success, Failure, etc.
|
Type
|
Success
|
User
|
Domain\Account name of user/service/computer initiating event.
|
User
|
RESEARCH\Alebovsky
|
Computer
|
Name of server workstation where event was logged.
|
Computer
|
DC1
|
EventID
|
Numerical ID of event. Unique within one Event Source.
|
EventId
|
576
|
Description
|
The entire unparsed event message.
|
Description
|
Special privileges assigned to new logon.
|
Log Name
|
The name of the event log (e.g. Application, Security, System, etc.)
|
LogName
|
Security
|
Category
|
A name for a subclass of events within the same Event Source.
|
Category
|
Logon/Logoff
|
Privileges
|
The list of assigned privileges
|
InsertionString10
|
SeSecurityPrivilege
|
Object Server
|
The name of the service handling the access request
|
InsertionString1
|
EventLog
|
Object Handle
|
ID of the handle of the object for operation on which the privilege has been granted
|
InsertionString2
|
0
|
Process ID
|
ID of the process operating on the object
|
InsertionString3
|
232
|
Primary User Name
|
For local access identifies the user attempting to excercise the privilege, for remote access identifies the server program used to excercise the privilege
|
InsertionString4
|
DCCC1$
|
Primary Domain
|
Domain of the Primary User Name
|
InsertionString5
|
LOGISTICS
|
Primary Logon ID
|
ID of the logon session of the Primary User Name account
|
InsertionString6
|
(0x0,0x3E7)
|
Client User Name
|
For local access this field is empty, for remote access identifies the user attempting to excercise the privilege
|
InsertionString7
|
ALebovsky
|
Client Domain
|
Domain of Client User Name
|
InsertionString8
|
LOGISTICS
|
Client Logon ID
|
ID of the logon session of the Client User Name account
|
InsertionString9
|
(0x0,0x1DE180)
|