deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 13:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

acrolinx fixes

Browse Source
This commit is contained in:
ShannonLeavitt
2020-11-04 07:59:09 -07:00
parent d12be6ff6a
commit 37d9f9d76c
3 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/auditing/audit-user-device-claims.md
View File

@ -1,6 +1,6 @@
---
title: Audit User/Device Claims (Windows 10)
description: Audit User/Device Claims is an audit policy setting which enables you to audit security events that are generated by user and device claims.
description: Audit User/Device Claims is an audit policy setting that enables you to audit security events that are generated by user and device claims.
ms.assetid: D3D2BFAF-F2C0-462A-9377-673DB49D5486
ms.reviewer:
manager: dansimp
@ -25,7 +25,7 @@ Audit User/Device Claims allows you to audit user and device claims information
For a network logon, such as accessing a shared folder on the network, the security audit event is generated on the computer hosting the resource.
***Important***: [Audit Logon](audit-logon.md) subcategory must also be enabled in order to get events from this subcategory.
***Important***: Enable the [Audit Logon](audit-logon.md) subcategory in order to get events from this subcategory.
**Event volume**:

4
windows/security/threat-protection/auditing/event-1105.md
View File

@ -13,7 +13,7 @@ manager: dansimp
ms.author: dansimp
---
# 1105(S): Event log automatic backup.
# 1105(S): Event log automatic backup
**Applies to**
- Windows 10
@ -71,7 +71,7 @@ This event generates, for example, if the maximum size of Security Event Log fil
***Field Descriptions:***
**Log** \[Type = UnicodeString\]: the name of the log which was archived (new event log file was created and previous event log was archived). Always “**Security”** for Security Event Logs.
**Log** \[Type = UnicodeString\]: the name of the log that was archived (new event log file was created and previous event log was archived). Always “**Security”** for Security Event Logs.
**File**: \[Type = FILETIME\]: full path and filename of archived log file.

4
windows/security/threat-protection/auditing/event-4618.md
View File

@ -32,7 +32,7 @@ Account must have **SeAuditPrivilege** (Generate security audits) to be able to
- Only **OrgEventID**, **ComputerName**, and **EventCount** are required—others are optional. Fields not specified appear with “**-**“ in the event description field.
- If a field doesnt match the expected data type, the event is not generated. (i.e., if **EventCount** = “XYZ” then no event is generated.)
- If a field doesnt match the expected data type, the event is not generated. That is, if **EventCount** = “XYZ”, then no event is generated.
- **UserSid**, **UserName**, and **UserDomain** are not related to each other (think **SubjectUser** fields, where they are)
@ -98,5 +98,5 @@ Account must have **SeAuditPrivilege** (Generate security audits) to be able to
For 4618(S): A monitored security event pattern has occurred.
- This event can be invoked only manually/intentionally, it is up to you how interpret this event depends on information you put inside of it.
- This event can be invoked only manually/intentionally, it is up to you how to interpret this event depends on information you put inside of it.