Additional events for eventmap.txt

[elhoim]

Suggestion for additions:

https://www.nsa.gov/ia/_files/app/spotting_the_adversary_with_windows_event_log_monitoring.pdf
Has a nice categorized list starting at page 25 with explanations and one page summary with categories / event IDs at page 8.

Other events not listed in it and that might be of interest:
4719 - https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4719
4679 - https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4697

[keydet89]

Have you added any of these to your copy of eventmap.txt?

Sent from my iPhone7 running iOS 6.5

On Apr 24, 2015, at 2:43 AM, David André notifications@github.com wrote:

https://www.nsa.gov/ia/_files/app/spotting_the_adversary_with_windows_event_log_monitoring.pdf
Has a nice categorized list starting at page 25 with explanations and one page summary with categories / event IDs at page 8.

Other events not listed in it and that might be of interest:
4719 - https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4719
4679 - https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4697

—
Reply to this email directly or view it on GitHub.