Failed attempt to perform a privileged operation." event on daily basics,
279 views
Skip to first unread message
Chetan Hiremath
Mar 2, 2023, 6:02:27 AM3/2/23
to Wazuh mailing list
Hello Team
I am receiving several count of "Failed attempt to perform a privileged operation." event on daily basics,
Message I am getting in the log.
Kindly help me to understand why this events are getting generated ?
Eduardo Leon Aldazoro
Mar 2, 2023, 8:06:38 AM3/2/23
to Wazuh mailing list
Hi Chetan Thanks for using Wazuh!
Can you please provide me with the following data:
- data.win.system.severityValue - data.win.system.eventID
-rule.groups -data.win.system.providerName
- data.win.system.level
Can you please provide me with the following data:
- data.win.system.severityValue - data.win.system.eventID
-rule.groups -data.win.system.providerName
- data.win.system.level
I'll be waiting for you to reply.
Thank you.
Best Regards,
Chetan Hiremath
Mar 6, 2023, 2:01:52 AM3/6/23
to Wazuh mailing list
Hello Eduardo,
Sorry for the delay
Sorry for the delay
data.win.system.severityValue - Audit-Failure.
data.win.system.eventID - 4673
rule.groups - windows, windows security data.win.system.providerName - Microsoft-windows-Security-auditing
data.win.system.level - 0
rule.groups - windows, windows security data.win.system.providerName - Microsoft-windows-Security-auditing
data.win.system.level - 0
Abdulaziz Aljaberi
Oct 25, 2023, 9:36:08 AM10/25/23
to Wazuh | Mailing List
Dear
Eduardo Leon Aldazoro,
I'm facing the same issue, and below are the details requested from your side.
Reply all
Reply to author
Forward
0 new messages