search

ManderVoronwe / soc-g3

1 stars 0 forks source link

[High] Creation/supression admin #10

Closed Mobaka9 closed 11 months ago

Mobaka9 commented 11 months ago

index=* category="Sensitive Privilege Use" source="WinEventLog:Security" (EventCode=4720 OR EventCode=4726)