|
DateTime
|
Date/Time of event origination in GMT format.
|
DateTime
|
10.10.2000 19:00:00
|
|
Source
|
Name of an Application or System Service originating the event.
|
Source
|
Security
|
|
Type
|
Warning, Information, Error, Success, Failure, etc.
|
Type
|
Success
|
|
User
|
Domain\Account name of user/service/computer initiating event.
|
User
|
RESEARCH\Alebovsky
|
|
Computer
|
Name of server workstation where event was logged.
|
Computer
|
DC1
|
|
EventID
|
Numerical ID of event. Unique within one Event Source.
|
EventId
|
576
|
|
Description
|
The entire unparsed event message.
|
Description
|
Special privileges assigned to new logon.
|
|
Log Name
|
The name of the event log (e.g. Application, Security, System, etc.)
|
LogName
|
Security
|
|
Category
|
A name for a subclass of events within the same Event Source.
|
Category
|
Logon/Logoff
|
|
Primary User Name
|
Name of the account under which the registration service is running
|
InsertionString1
|
206602-DB1$
|
|
Primary Domain
|
Domain of the Primary User
|
InsertionString2
|
ANNADOMAIN
|
|
Primary Logon ID
|
ID of the logon session of the Primary User Name account
|
InsertionString3
|
(0x0,0x3E7)
|
|
Client User Name
|
Name of the account initiating the action
|
InsertionString4
|
206602-DB1$
|
|
Client Domain
|
Domain of the Client User
|
InsertionString5
|
ANNADOMAIN
|
|
Client Logon ID
|
ID of the logon session of the Client User Name account
|
InsertionString6
|
(0x0,0x3E7)
|
|
Source Name
|
Source name as shown in security log
|
InsertionString7
|
IIS-METABASE
|
|
Process ID
|
ID of the process that unregistered the event source
|
InsertionString8
|
1239
|
|
Event Source ID
|
ID of the unregistered event source
|
InsertionString9
|
(0x0,0x105DC)
|