Detection rules › By event

Microsoft-Windows-Security-Auditing Event ID 4738

19 detection rules reference this event. View event page.

Sigma (9)

Elastic (3)

Splunk (6)

Kusto (1)