| ID | Event Description |
|---|---|
| 1101 |
Audit Events Have Been Dropped By The Transport
CJIS, PCI-DSS, ISO 27001:2013
|
| 1102 |
The audit log was cleared
CJIS, ISO 27001:2013, PCI-DSS
|
| 1104 |
The security event log is now full
CJIS, PCI-DSS, ISO 27001:2013
|
| 4624 |
An account was successfully logged on
CJIS, Audit Success, ISO 27001:2013, HIPAA, NIST SP 800-53, CMMC L1, NIST 800-171
|
| 4625 |
An account failed to log on
Audit Failure, CJIS, ISO 27001:2013, PCI-DSS, HIPAA, NIST SP 800-53, NIST 800-171, CMMC L1
|
| 4649 |
A replay attack was detected
Domain Controller, Audit Success, Audit Failure, PCI-DSS, HIPAA, CJIS, ISO 27001:2013
|
| 4656 |
A handle to an object was requested
Audit Failure, Audit Success, CJIS
|
| 4663 |
An attempt was made to access an object
Audit Success, CJIS
|
| 4723 |
An attempt was made to change an account's password
Audit Success, Audit Failure, CJIS
|
| 4724 |
An attempt was made to reset an account's password
Audit Failure, Audit Success, CJIS, ISO 27001:2013
|
| 4768 |
This event generates every time Key Distribution Center issues a Kerberos Ticket Granting Ticket (TGT).
Domain Controller, Audit Success, Audit Failure, CJIS, ISO 27001:2013, PCI-DSS, NIST 800-171, NIST SP 800-53
|
| 4769 |
A Kerberos service ticket was requested
Domain Controller, Audit Success, Audit Failure, CJIS, ISO 27001:2013, HIPAA, NIST 800-171, NIST SP 800-53, CMMC L1
|
| 4771 |
Kerberos pre-authentication failed
Domain Controller, Audit Failure, CJIS, ISO 27001:2013, PCI-DSS, HIPAA, NIST 800-171, NIST SP 800-53, CMMC L3
|
| 4776 |
The computer attempted to validate the credentials for an account
Audit Failure, Audit Success, CJIS, ISO 27001:2013, PCI-DSS, HIPAA, NIST 800-171, NIST SP 800-53, CMMC L1
|