When
|
At what date and time a user activity originated in the system.
|
DateTime
|
10.10.2000 19:00:00
|
Who
|
Account or user name under which the activity occured.
|
Subject: Account Name
|
ALebovsky
|
What
|
The type of activity occurred (e.g. Logon, Password Changed, etc.)
|
"Group Created"
|
Group Created
|
Where
|
The name of the workstation/server where the activity was logged.
|
Computer
|
DC1
|
Where From
|
The name of the workstation/server where the activity was initiated from.
|
-
|
10.10.10.10
|
Severity
|
Specify the seriousness of the event.
|
"Medium"
|
Medium
|
WhoDomain
|
|
Subject: Account Domain
|
LOGISTICS
|
WhereDomain
|
|
-
|
|
Whom
|
Account or user name being managed.
|
Group: Security ID
|
S-1-5-21-1135140816-2109348461-2107143693-1159
|
Group Type
|
Type of group: security or distribution.
|
"Distribution"
|
Distribution
|
Group Scope
|
Scope of group: local, global, universal.
|
"Global"
|
Global
|
Group Name
|
|
Group: Group Name
|
Employees_global_distrib
|
Group Domain
|
|
Group: Group Domain
|
LOGISTICS
|
Affected Group
|
|
InsertionString3
|
S-1-5-21-1135140816-2109348461-2107143693-1159
|
SAM Account Name
|
|
Attributes: SAM Account Name
|
Employees_global_distrib
|
SID History
|
|
Attributes: SID History
|
-
|