Exchange Admin Audit Log Event ID 25672
25672: Remove-MalwareFilterRule Exchange cmdlet issued
This is an event from
Exchange
audit event from
LOGbinder EX
generated by
.
On this page
See also the TechNet article on the Remove-MalwareFilterRule cmdlet.
Free Security Log Resources by Randy
| Field | Description |
|---|
| Occurred | Date and time when Exchange registered the cmdlet. |
| Cmdlet | The cmdlet that was issued. |
| Performed by | The user who issued the cmdlet. |
| Succeeded | "Yes", if succeeded, "No", otherwise. |
| Error | "None", if the cmdlet resulted in no error, the error message otherwise. |
| Originating server | The host name of the server. |
| Object modified | The object that was modified by the cmdlet. |
| Parameters | The list of parameters, listing them by the parameter''s Name and Value. |
| Modified properties | Modified properties, if any (otherwise "n/a"). |
| Additional information | Additional information, if any (otherwise "n/a"). |
Supercharger Enterprise
This Event Is Produced By
Which Integrates with Your SIEM
Remove-MalwareFilterRule Exchange cmdlet issued
Occurred: 3/16/2015 2:18:47 PM
Cmdlet: Remove-MalwareFilterRule
Performed by: lb.local/Users/Administrator
Succeeded: Yes
Error: None
Originating server: DEV1 (15.00.1044.021)
Object modified: testmalwarefilterrule
Parameters
Name: Confirm, Value: [False]
Name: Identity, Value: [testmalwarefilterrule]
Modified Properties
n/a
Additional information: ExternalAccess= [false]; CmdletParameters/Parameter/Name= [Confirm]; CmdletParameters/Parameter/Value= [False]; CmdletParameters/Parameter/Name= [Identity]; CmdletParameters/Parameter/Value= [testmalwarefilterrule]
For more information, see http://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=25672
Top 10 Windows Security Events to Monitor
Free Tool for Windows Event Collection