Critical Non Impact
Audit Policy Change
This alert condition indicates when audit policy was changed.
CryptoPrevent Monitor Service Not In Running State
CryptoPrevent Monitor Service- Not In Running State
CryptoPrevent Monitor Service Not In Running State [Unexpected]
CryptoPrevent Monitor Service- Not In Running State [Unexpected]
Possible Brute Force Attack
This alert condition indicates when user attempted to logon and it failed more than 25 times in 10 minutes.
Security Event Log Clear
This alert condition indicates when Security Event Log Cleared.
Security Notification Security Audit Log Was Cleared
Discription: AIS Monitoring Platform detected that security log on this system is cleared. Event 1102 is logged whenever the Security log is cleared, REGARDLESS of the status of the Audit System Events audit policy. The Account Name and Domain Name fields identify the user who cleared the log. Impact: Administrators will not able to analyze backdated events for if tracing is required.
Threshold Breached For Security Profile
This alert condition indicates when security profile threshold was breached.
User Account Added To Security Enabled Group
This alert condition indicates when User Account added under Security Enabled Group