Server Admin Logon

Configuration

Query

LogonGuid:\{00000000\-0000\-0000\-0000\-000000000000\} AND LogonType:10

Config

Key | Value — | — type | aggregation-v1 query | LogonGuid:\{00000000\-0000\-0000\-0000\-000000000000\} AND LogonType:10 streams | [5f74fe0891d2ba1b645adb8d] conditions | {expression:null} search_within_ms | 3600000 execute_every_ms | 3600000

SIEM Windows Event Log Alerts

.


Last modified October 8, 2020