Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 376
  • Last Modified:

What audit event creates the Event ID 540 in the Security Log of a DC?

Hi, I was wondering, what audit event creates the Event ID 540 appear in the Security Log of a DC?

Audit account logon events
OR
Audit logon events

Just wondering.

Thanks for your time.

Bob
0
rsnellman
Asked:
rsnellman
  • 2
1 Solution
 
Mike KlineCommented:
http://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=540
Randy has a good entry on event 540 here, he says it better than I can :)
Thanks
Mike
0
 
bluntTonyCommented:
Event 540 indicates a succuessful logon to a network resource, such as a shared drive.

http://kb.monitorware.com/kbeventdb-detail-id-14.html

As they are logon type 3 (network) they are generated through 'audit logon events'
0
 
bluntTonyCommented:
Description of what's logged through 'Account Logon Events' : http://technet.microsoft.com/en-us/library/cc787176(WS.10).aspx

Description of what's loggeg through 'Logon Events' : http://technet.microsoft.com/en-us/library/cc787567(WS.10).aspx

Each page shows a table of events each audit policy captures.


0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now