|
When
|
At what date and time a user activity originated in the system.
|
DateTime
|
12/14/2009 6:59:09 AM
|
|
Who
|
Account or user name under which the activity occured.
|
Caller User Name
|
Alebovsky
|
|
What
|
The type of activity occurred (e.g. Logon, Password Changed, etc.)
|
"Group Member Removed"
|
Group Member Removed
|
|
Where
|
The name of the workstation/server where the activity was logged.
|
Computer
|
DC1
|
|
Where From
|
The name of the workstation/server where the activity was initiated from.
|
-
|
10.10.10.10
|
|
Severity
|
Specify the seriousness of the event.
|
"Medium"
|
Medium
|
|
WhoDomain
|
|
Caller Domain
|
RESEARCH
|
|
WhereDomain
|
|
-
|
|
|
Whom
|
Account or user name being managed.
|
Member ID
|
{S-1-5-21-184992632-1607737289-1287950321-1178}
|
|
Member Name
|
Account name of added/removed group member
|
Member Name
|
cn=Paul,ou=Project Managers,dc=research,dc=corp
|
|
Group Type
|
The type of group: security or distribution.
|
"Distribution"
|
Distribution
|
|
Group Scope
|
The scope of group: local, global, universal
|
"Local"
|
Local
|
|
Group Name
|
|
-
|
|
|
Group Domain
|
|
-
|
|
|
Affected group
|
The group affected by changes
|
Target Account ID
|
{S-1-5-21-184992632-1607737289-1287950321-1190}
|