Event ID: 552

Logon attempt using explicit credentials

Logon attempt using explicit credentials:
 Logged on user:
    User Name:         %1
    Domain:            %2
    Logon ID:          %3
    Logon GUID:        %4
 User whose credentials were used:
    Target User Name:  %5
    Target Domain:     %6
    Target Logon GUID: %7

 Target Server Name:       %8
 Target Server Info:       %9
 Caller Process ID:        %10
 Source Network Address:   %11
 Source Port:              %12
 Caller Process Name:      %13


Lookup Audit Policy Configuration Settings

C:\> AuditPol.exe /get /category:Logon/Logoff
How to enable Windows Auditing


Audit Category:
Logon/Logoff
Corresponding Events:
4648


LEFT/RIGHT arrow keys for navigation

Back to List