Windows Security Log

This Page is locked
Modified: 2008/01/14 21:31 by Randy Franklin Smith - Uncategorized
This primary content area of WinSecWiki provides in-depth coverage of the poorly understood, poorly documented, shadowy evirons of the Windows Security Log. There are 2 major versions of the Windows security log: pre-Vista and post-Vista. With Vista and Windows Server 2008 all the event IDs change, you get audit subcategories, a new XML format and more.



For a list of all Security Log Events (several hundred),

Edit

This section of WinSecWiki

I've made every effort to produce every security event in all versions of the Windows Security Log. For each event I try to provide:
  • Concise explanation of what the event means and when it gets logged.
  • One or more examples from actual logs
  • Explanation of each field in the description and documentation of arcane code values

Additional Links

A
D
V

Sick of LimitLogin? Get UserLock for real logon control

NEW! GFI EventsManager 8 Extends Event Management Capabilities. Find Out More.

Get Randy's Security Log Resource Kit

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2008 Monterey Technology Group, All rights reserved. Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. Terms and conditions.