When
|
At what date and time a user activity originated in the system.
|
DateTime
|
10.10.2000 19:00:00
|
Who
|
Account or user name under which the activity occured.
|
Subject: Account Name
|
-
|
What
|
The type of activity occurred (e.g. Logon, Password Changed, etc.)
|
"AD Object was modified"
|
AD Object was modified
|
Where
|
The name of the workstation/server where the activity was logged.
|
Computer
|
DC1
|
Where From
|
The name of the workstation/server where the activity was initiated from.
|
-
|
10.10.10.10
|
Severity
|
Specify the seriousness of the event.
|
"Medium"
|
Medium
|
WhoDomain
|
|
Subject: Account Domain
|
-
|
WhereDomain
|
|
-
|
|
Result
|
Successful or Failed
|
"Successful"
|
Successful
|
Object Name
|
|
Object: DN
|
CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=Logistics,DC=corp
|
Object Type
|
|
Object: Class
|
groupPolicyContainer
|
Whom
|
|
-
|
|
Object DN
|
The X.400 distinguished name of the object
|
InsertionString9
|
CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=Logistics,DC=corp
|
Object ID
|
The globally unique identifier of the object, or the DN
|
Object: ID
|
{09F06385-049C-4B85-AD8A-3755BECB8792}
|