SIEM Windows Event Log Alerts

.

AIS Managed SIEM

SIEM Events

LogonGUID 0 and LogonType 10
Remote Interactive Logons
Server Admin Logon
Sensitive Privilege Use
Service Control Manager Error
An operation was attempted on a privileged object
A user right was assigned
Active Directory Group Membership Changed

Last modified September 14, 2021