Windows Security Log Event ID 563
Operating Systems |
Windows Server 2000
Windows 2003 and XP
|
Category | Object Access |
Type
|
Success
|
Corresponding events
in Windows
2008 and Vista |
4659
|
563: Object Open for Delete
On this page
Event 563 does not get logged on normal file deletes. MS documentation says "An attempt was made to open an object with the intent to delete it. Note: This is used by file systems when the FILE_DELETE_ON_CLOSE flag is specified in Createfile().". For files opened exclusively by another program this flag is the only way to delete them.
Free Security Log Resources by Randy
- Object Server:
- Object Type:
- Object Name:
- New Handle ID:
- Operation ID:
- Process ID:
- Primary User Name:
- Primary Domain:
- Primary Logon ID:
- Client User Name:
- Client Domain:
- Client Logon ID:
- Accesses
- Privileges
Supercharger Free Edition