{
"system": {
"provider": "MSSQL$RADAR",
"guid": "",
"event_source_name": "",
"event_id": 18456,
"version": 0,
"level": 0,
"task": 4,
"opcode": 0,
"keywords": 40532396646334464,
"time_created": "2020-07-15T11:31:21.474283+00:00",
"event_record_id": 58857,
"correlation": {},
"execution": {
"process_id": 0,
"thread_id": 0
},
"channel": "Application",
"computer": "mssql01.offsec.lan",
"security": {
"user_id": ""
}
},
"event_data": {
"Data": [
"unexisting-user",
" Reason: An attempt to login using SQL authentication failed. Server is configured for Windows authentication only.",
" [CLIENT: 10.23.23.9]"
],
"Binary": "GEgAAA4AAAAOAAAATQBTAFMAUQBMADAAMQBcAFIAQQBEAEEAUgAAAAcAAABtAGEAcwB0AGUAcgAAAA=="
},
"message": ""
}