Solved

Filter security event logs to exclude event log description

Posted on 2013-10-30
1
1,773 Views
Last Modified: 2013-10-31
I am using Windows Server 2008 R2 and setup auditing to generate event log when a file gets deleted.
 
For this I have setup a custom filter with name 'File Auditing', the problem is event log is capturing event wherein a deleting is generated when a user save a close word\excel file, this event log contain file name extension as temp file.
 
How to exclude event log which have the word 'temp' in event description.
 
I think we can achieve this by editing XML property of event log filtering.
0
Comment
Question by:Satish Auti
1 Comment
 
LVL 18

Accepted Solution

by:
Sarang Tinguria earned 500 total points
ID: 39611082
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question