Windows Security Log Events
All Sources
Windows Audit
SharePoint Audit
(
LOGbinder for SharePoint
)
SQL Server Audit
(
LOGbinder for SQL Server
)
Exchange Audit
(
LOGbinder for Exchange
)
Sysmon
(
MS Sysinternals Sysmon
)
Windows Audit Categories:
All categories
Account Logon
Account Management
Directory Service
Logon/Logoff
Non Audit (Event Log)
Object Access
Policy Change
Privilege Use
Process Tracking
System
Uncategorized
Subcategories:
All subcategories
Account Lockout
Group Membership
IPsec Extended Mode
IPsec Main Mode
IPsec Quick Mode
Logoff
Logon
Network Policy Server
Other Logon/Logoff Events
Special Logon
Windows Versions:
All events
Win2000, XP and Win2003 only
Win2008, Win2012R2, Win2016 and Win10+, Win2019
Required when sub-category selected.
Category:
Logon/Logoff
Subcategory:
Logon
Windows
4624
An account was successfully logged on
Windows
4625
An account failed to log on
Windows
4626
User/Device claims information
Windows
4648
A logon was attempted using explicit credentials
Windows
4675
SIDs were filtered
Stay up-to-date on the Latest in Cybersecurity
Sign up for the Ultimate IT Security newsletter to hear about the latest webinars, patches, CVEs, attacks, and more.
Work Email:
Upcoming Webinars
Additional Resources
Encyclopedia
•
Event IDs
•
All Event IDs
•
Audit Policy
Go To Event ID:
Security Log
Quick Reference
Chart
Download now!
Tweet
User name:
Password:
/
Forgot?
Register
December 2024
Patch Tuesday
"Patch Tuesday - 2 Zero Days...See You in 2025! " - sponsored by LOGbinder
Home
Cookies help us deliver the best experience on our website. By using our website, you agree to the use of cookies.