Is it required to monitor Event 4776 Expand / Collapse
Author
Message
Posted 9/14/2018 8:00:23 PM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: Forum Members
Last Login: 9/14/2018 3:50:58 AM
Posts: 1, Visits: 0
Hello Guys,
We are receiving tons of events for EVID 4776, our SIEM Admin asked us if we can exclude this event id from monitoring. What are your suggestions? Should we monitor Events for EVID 4776 and what are the recommendations for monitoring this event. Can we exclude this event in any situation. Please suggest. We don't want to miss any important event but if this event is similar to Events 4624 & 4625 and gives same information about use success and failed logins, then can we ignore this event or not? Need your valuable suggestions.
Post #8502
« Prev Topic | Next Topic »


Permissions Expand / Collapse

All times are GMT -5:00, Time now is 10:46pm