Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.
Event Type: Failure Audit Event Source: Security Event Category: Logon/Logoff Event ID: 529 Date: 5/3/2011 Time: 5:38:30 PM User: NT AUTHORITY\SYSTEM Computer: NIRA-SERVER4 Description: Logon Failure: Reason: Unknown user name or bad password User Name: accounting Domain: NIRA Logon Type: 10 Logon Process: User32 Authentication Package: Negotiate Workstation Name: NIRA-SERVER4 Caller User Name: NIRA-SERVER4$ Caller Domain: NIRA Caller Logon ID: (0x0,0x3E7) Caller Process ID: 5140 Transited Services: - Source Network Address: 220.127.116.11 Source Port: 62287
Event Type: Failure Audit Event Source: Security Event Category: Account Logon Event ID: 672 Date: 5/3/2011 Time: 5:38:30 PM User: NT AUTHORITY\SYSTEM Computer: NIRA-SERVER4 Description: Authentication Ticket Request: User Name: accounting Supplied Realm Name: NIRA User ID: - Service Name: krbtgt/NIRA Service ID: - Ticket Options: 0x40810010 Result Code: 0x6 Ticket Encryption Type: - Pre-Authentication Type: - Client Address: 127.0.0.1 Certificate Issuer Name: Certificate Serial Number: Certificate Thumbprint:
Join the community of 500,000 technology professionals and ask your questions.
Connect with top rated Experts
18 Experts available now in Live!