Event Log Service Shutdown
(Security Log) Event Log Service Shutdown Event Source - Microsoft-Windows-EventLog - Event Log - Security
Configuration
Query
EventID:1100
Config
Key | Value — | — type | aggregation-v1 query | EventID:1100 streams | [5f74fe0891d2ba1b645adb8d] conditions | {expression:null} search_within_ms | 3600000 execute_every_ms | 3600000
Windows Clearing Event Logs
When an event log gets cleared, it is often suspicious.
Last modified
October 12, 2020