Windows Security Log Events

All Sources
Windows Audit
SharePoint Audit (LOGbinder for SharePoint)
SQL Server Audit (LOGbinder for SQL Server)
Exchange Audit (LOGbinder for Exchange)
Sysmon (MS Sysinternals Sysmon)

Windows Audit Categories:

Subcategories:

Windows Versions:

All events

Win2000, XP and Win2003 only

Win2008, Win2012R2, Win2016 and Win10+, Win2019

Required when sub-category selected.

Category: Logon/Logoff
Subcategory: Logon

Windows	4624	An account was successfully logged on
Windows	4625	An account failed to log on
Windows	4626	User/Device claims information
Windows	4648	A logon was attempted using explicit credentials
Windows	4675	SIDs were filtered

Upcoming Webinars

Additional Resources

Encyclopedia

•	Event IDs
•	All Event IDs
•	Audit Policy

Go To Event ID:

Must be a 1-5 digit number No such event ID

Security Log
Quick Reference
Chart
Download now!

User name:
Password:
	/ Forgot?
	Register

July 2024 Patch Tuesday	"Patch Tuesday - Four Zero Days " - sponsored by Supercharger for Windows Event Collection

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.