GithubHelp home page GithubHelp logo

mdecrevoisier / microsoft-eventlog-mindmap Goto Github PK

View Code? Open in Web Editor NEW
985.0 48.0 180.0 125.15 MB

Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...

License: BSD 2-Clause "Simplified" License

mindmap evtx windows incident-response azure exchange active-directory

microsoft-eventlog-mindmap's People

Contributors

mdecrevoisier avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

ceyhuncamli superuser5 tomyang9 spiderhehehoho andresrt zha0 legly cybersecops miragshin josemezavila mucoaga invokethreatguy securityanalysts alekseylekontsev markbirss stefanaustin fmoerdel thamer-ctrl vcanev sensi-1337 sulaimanzai timb-machine-mirrors torsolaso joker2013 abneco adeafmute hotelzululima fernandogssilva an0n4ce neylopez zpaav fengjixuchui whoo semahba fiskeren 3m1za4 pparaujo polashneog shahsaurabh81 jeromeyoung nocomp konvictt77 johto89 cyb3rid10ts pirenga ericdelasecu pabit csh0tforks j0s3ph-c7 kakawome m1z0x chfl4gs efarefyev md-layek marciopocebon bikemaker bb1nfosec conghien y0d4a hmidani-abdelilah jertwaz subhashc ammasajan redbeard-92 sts0mrg0 ltvthang oliwex danwlew gulmirax mrbin-99 hpvca totoroha cudeso jaekeledv m4now4r balaasif6789 onesorzer0es imichelakos 7a6570 orinocoz euschang lyrl din-maxway wuqifei kungbim tecnomiky thanht32 cagivajsp skirankumar signalblur bcp-infosec-repo wisdark hu-ma jclingensmith joel-correa sumeetit imitator228 dawnadvent rakhithjk jasoncheng7115

microsoft-eventlog-mindmap's Issues

Great project. Would you consider an additional Event ID

Hi Michel
Great work. The mindmaps are brilliant, thank you for a great resource.

I don't know if you consider adding additional event id's, here is my suggestion

Some environments monitor printing and would benefit from having print name jobs in the event logs.
Microsoft-Windows-PrintService/Operational
Event ID: 307

Requires GPO
Computer Configuration -> Policies -> Administrative Templates -> Printers
Allow job name in event logs: Enabled

And KB2919355 must be installed
REF: https://social.technet.microsoft.com/Forums/windowsserver/en-US/cc1d8cf1-9f19-47f4-bc6f-5e771d5909e6/windows-2012-r2-kb2919355-installed-quotallow-job-name-in-event-logsquot-enabled-in-gpo-but?forum=winserverprint

eventid 4624 description

Hi there!
The 4624 eventid is wrong - the right description is "An Account Was Successfully Logged On"
If you want to add the eventid 4634, that's the one related to "An account was logged off"

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.