System32
Sysmon
Events
Compliance
Validator
TLS/SSL
GeoIP
Tools
Sysmon Events
Source
Microsoft-Windows-Sysmon
(1)
Category
Process accessed (rule: ProcessAccess)
(1)
Tags
AppLocker
All AppLocker events
EventSentry
All EventSentry events
Security
All Windows Security events
Sysmon
All Sysmon events
ID
Event Message
10
Process accessed: RuleName: %1!s! UtcTime: %2!s! SourceProcessGUID: %3!s! SourceProcessId: %4!s! SourceThreadId: %5!s! SourceImage: %6!s! TargetProcessGUID: %7!s! TargetProcessId: %8!s! TargetImage: %9!s! GrantedAccess: %10!s! CallTrace: %11!s! SourceUser: %12!s! TargetUser: %13!s!