/
Threat Indicators Generated from Windows Events
Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.
Threat Indicators Generated from Windows Events
- Customer Success & Engineering (Unlicensed)
| S. No | Device Type | Threat Indicators generated |
|---|---|---|
| 1. | Windows OS/Windows AD | Window Defender |
| Host Login Success / Host Login Failure | ||
| Object Access Status | ||
| Account Lockout | ||
| Account Created / Enabled | ||
| Account Deleted / Disabled | ||
| Privilege Change | ||
| Network Logout | ||
| Directory Service Status | ||
| System Time | ||
| Group Policy Object | ||
| Password Change / Reset | ||
| 2. | MSSQL | Login Success |
| Login Failure | ||
| Application | ||
| Object Access Status | ||
| 3. | Windows IIS | Web Exploit |
| 4. | Windows DNS | Suspicious Domain |
| 5. | Windows DHCP | Application |
| 6. | Windows SMTP | Email Info |
| 7. | MS Exchange | Email Info |
, multiple selections available,
Related content
Nxlog configuration for MS Exchange server-2016
Nxlog configuration for MS Exchange server-2016
Read with this
Sysmon Installation and Logs configuration
Sysmon Installation and Logs configuration
More like this
From Source Windows Server
From Source Windows Server
Read with this
Questions on Feed and Detection
Questions on Feed and Detection
More like this
Event Collection at Windows Collector Server
Event Collection at Windows Collector Server
Read with this
Seceon Hardware Specifications
Seceon Hardware Specifications
More like this
Seceon Inc. All rights reserved. https://www.seceon.com