Created
June 11, 2018 23:59
-
-
Save ecapuano/aacd097755665ea45d8b516568ae51e4 to your computer and use it in GitHub Desktop.
Lookup CSV for WinLogBeat decorations in Graylog
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id | description | |
|---|---|---|
| 2 | Interactive (logon at keyboard and screen of system) | |
| 3 | Network (i.e. connection to shared folder on this computer from elsewhere on network) | |
| 4 | Batch (i.e. scheduled task) | |
| 5 | Service (Service startup) | |
| 7 | Unlock (i.e. unlocking unnattended workstation) | |
| 8 | NetworkCleartext (Logon with credentials sent in the clear text.) | |
| 9 | NewCredentials such as with RunAs or mapping a network drive with alternate credentials. | |
| 10 | RemoteInteractive (Terminal Services Remote Desktop or Remote Assistance) | |
| 11 | CachedInteractive (logon with cached domain credentials) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment