|
DateTime
|
Date/Time of event origination in GMT format.
|
DateTime
|
10.10.2000 19:00:00
|
|
Source
|
Name of an Application or System Service originating the event.
|
Source
|
Security
|
|
Type
|
Warning, Information, Error, Success, Failure, etc.
|
Type
|
Success
|
|
User
|
Domain\Account name of user/service/computer initiating event.
|
User
|
RESEARCH\Alebovsky
|
|
Computer
|
Name of server workstation where event was logged.
|
Computer
|
DC1
|
|
EventID
|
Numerical ID of event. Unique within one Event Source.
|
EventId
|
576
|
|
Description
|
The entire unparsed event message.
|
Description
|
Special privileges assigned to new logon.
|
|
Log Name
|
The name of the event log (e.g. Application, Security, System, etc.)
|
LogName
|
Security
|
|
Category
|
A name for a subclass of events within the same Event Source.
|
Category
|
Logon/Logoff
|
|
Service Name
|
The internal system name of the newly installed service
|
InsertionString1
|
SNMPTRAP
|
|
Service File Name
|
Full Path and name of the executable
|
InsertionString2
|
C:\Windows\system32\snmptrap.exe
|
|
Service Type
|
The code for the type of service. Indicates how the service is used by the system.
|
InsertionString3
|
16
|
|
Service Start Type
|
Automatic - starts with the Operating System boot-up, Manual - starts when explicitly executed by user, Disabled - should be turned to Automaitc or Manual to be started
|
InsertionString4
|
3
|
|
Service Account
|
Name of the account under which the service is started
|
InsertionString5
|
NT AUTHORITY\LocalService
|
|
User Name
|
Account name of the user attempting to install the service
|
InsertionString6
|
Alebovsky
|
|
Domain
|
Domain of the user attempting to install the service
|
InsertionString7
|
RESEARCH
|
|
Logon ID
|
Logon ID of the logon session during which user attempted to install the service. Allows to correlate to other user activity during the same logon session, e.g. when user initially logged on.
|
-
|
|