deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 06:47:21 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

corrected link

Browse Source 
as per user report issue #9742, so i corrected the link.
all event ids  560, 562 , ....... all comes under  **audit object access**
This commit is contained in:
VARADHARAJAN K 2021-06-28 18:34:23 +05:30 committed by GitHub
parent 72ed30329e
commit 425f096d8d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md
View File

@ -79,7 +79,7 @@ All auditing capabilities are integrated in Group Policy. You can configure, dep
To audit attempts to access global system objects, you can use one of two security audit policy settings: To audit attempts to access global system objects, you can use one of two security audit policy settings:
- [Audit Kernel Object](../auditing/audit-kernel-object.md) in Advanced Security Audit Policy Settings\\Object Access - [Audit Kernel Object](../auditing/audit-kernel-object.md) in Advanced Security Audit Policy Settings\\Object Access
- [Audit object access](../auditing/basic-audit-object-access.md) under Security Settings\\Local Policies\\Audit Policy - [Audit Object Access](../auditing/basic-audit-object-access.md) under Security Settings\\Local Policies\\Audit Policy
If possible, use the Advanced Security Audit Policy option to reduce the number of unrelated audit events that you generate. If possible, use the Advanced Security Audit Policy option to reduce the number of unrelated audit events that you generate.
@ -92,7 +92,7 @@ If the [Audit Kernel Object](../auditing/audit-kernel-object.md) setting is conf
| 4661 | A handle to an object was requested. | | 4661 | A handle to an object was requested. |
| 4663 | An attempt was made to access an object. | | 4663 | An attempt was made to access an object. |
If the [Audit Kernel Object](../auditing/audit-kernel-object.md) setting is configured, the following events are generated: If the [Audit Object Access](../auditing/basic-audit-object-access.md) setting is configured, the following events are generated:
| Event ID | Event message | | Event ID | Event message |
| - | - | | - | - |