Event ID 10016 —
Description
The permission settings do not grant permission for the COM Server application with CLSID.
Fields #
| Name | Description |
|---|---|
param1 | — |
param2 | — |
param3 | — |
param4 | — |
param5 | — |
param6 | — |
param7 | — |
param8 | — |
param9 | — |
param10 | — |
param11 | — |
Example Event #
{
"system": {
"provider": "Microsoft-Windows-DistributedCOM",
"guid": "{1B562E86-B7AA-4131-BADC-B6F3A001407E}",
"event_source_name": "DCOM",
"event_id": 10016,
"version": 0,
"level": 3,
"task": 0,
"opcode": 0,
"keywords": 9259400833873739776,
"time_created": "2023-11-05T23:54:13.816805+00:00",
"event_record_id": 2034,
"correlation": {
"ActivityID": "E4DB489E-1037-0003-B8CC-E0E43710DA01"
},
"execution": {
"process_id": 8,
"thread_id": 10920
},
"channel": "System",
"computer": "WinDev2310Eval",
"security": {
"user_id": "S-1-5-21-1992711665-1655669231-58201500-1000"
}
},
"event_data": {
"param1": "application-specific",
"param2": "Local",
"param3": "Activation",
"param4": "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}",
"param5": "{15C20B67-12E7-4BB6-92BB-7AFF07997402}",
"param6": "WINDEV2310EVAL",
"param7": "User",
"param8": "S-1-5-21-1992711665-1655669231-58201500-1000",
"param9": "LocalHost (Using LRPC)",
"param10": "Unavailable",
"param11": "Unavailable"
},
"message": ""
}
References #
- Example event sourced from https://github.com/NextronSystems/evtx-baseline