Security Event Logs
From: Carl Hilton (someone_at_microsoft.com)
Date: 06/10/05
- Next message: bonset: "Is the Latest Windows Update Removal Tool Infected? (KB890830)"
- Previous message: Karl Levinson, mvp: "Re: Should IIS svr NOT be in domain"
- Next in thread: Michele Betelli: "Re: Security Event Logs"
- Reply: Michele Betelli: "Re: Security Event Logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 10 Jun 2005 08:36:51 -0400
I have had to read some old NT4 EVT logs and noticed a lot of 528 Logons
followed in about 2-3 minutes by a 538 logoff... This appears to be fairly
consistant over several hundred pairs for most individuals...
Question:
Are there any other way for a 528 event to happen other than a CTRL-ALT-DEL
logon?
What can cause a 538 event?
Thanks
Carl
- Next message: bonset: "Is the Latest Windows Update Removal Tool Infected? (KB890830)"
- Previous message: Karl Levinson, mvp: "Re: Should IIS svr NOT be in domain"
- Next in thread: Michele Betelli: "Re: Security Event Logs"
- Reply: Michele Betelli: "Re: Security Event Logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
