detection.wiki

Microsoft-Windows-Security-Adminless

1 events across 1 channel

Event IDTitleChannel
1Access to a resource would have been denied if run with the adminless …Operational

Event ID 1 — Access to a resource would have been denied if run with the adminless restriction at FailureTime (StackHash: StackHash).

Provider
Microsoft-Windows-Security-Adminless
Channel
Operational

Description

Access to a resource would have been denied if run with the adminless restriction at FailureTime (StackHash: StackHash).

Message #

Access to a resource would have been denied if run with the adminless restriction at %1 (StackHash: %2).

Fields #

NameDescription
FailureTime FILETIME
StackHash HexInt32