Windows Security Log Events
All Sources
Windows Audit
SharePoint Audit
(
LOGbinder for SharePoint
)
SQL Server Audit
(
LOGbinder for SQL Server
)
Exchange Audit
(
LOGbinder for Exchange
)
Sysmon
(
MS Sysinternals Sysmon
)
Windows Audit Categories:
All categories
Account Logon
Account Management
Directory Service
Logon/Logoff
Non Audit (Event Log)
Object Access
Policy Change
Privilege Use
Process Tracking
System
Uncategorized
Subcategories:
All subcategories
Account Lockout
Group Membership
IPsec Extended Mode
IPsec Main Mode
IPsec Quick Mode
Logoff
Logon
Network Policy Server
Other Logon/Logoff Events
Special Logon
Windows Versions:
All events
Win2000, XP and Win2003 only
Win2008, Win2012R2, Win2016 and Win10+, Win2019
Required when sub-category selected.
Category:
Logon/Logoff
Subcategory:
IPsec Extended Mode
Windows
4978
During Extended Mode negotiation, IPsec received an invalid negotiation packet.
Stay up-to-date on the Latest in Cybersecurity
Sign up for the Ultimate IT Security newsletter to hear about the latest webinars, patches, CVEs, attacks, and more.
Work Email:
Upcoming Webinars
Live, Hands-on Deep-Dive into LLM Hacking: Prompt Injection, Model Context Protocol and Skills
AD Certificate Services: A Massive Chunk of Windows Security Functionality Finally Gets the Security Research It Deserves
Linux Security: Locking Down Admin Access with SSH and Sudo
Understanding Broken Object Level Authorization: The Quiet Access Control Failure Undermining Today’s Apps
Additional Resources
Encyclopedia
•
Event IDs
•
All Event IDs
•
Audit Policy
Go To Event ID:
Security Log
Quick Reference
Chart
Download now!
Tweet
User name:
Password:
/
Forgot?
Register
January 2026
Patch Tuesday
"Patch Tuesday - Starting 2026 with a Bang; 3 Zero Days " - sponsored by LOGbinder and Supercharger
Home
Cookies help us deliver the best experience on our website. By using our website, you agree to the use of cookies.