Closed Mobaka9 closed 7 months ago
index=* category="Sensitive Privilege Use" source="WinEventLog:Security" (EventCode=4720 OR EventCode=4726)
index=* category="Sensitive Privilege Use" source="WinEventLog:Security" (EventCode=4720 OR EventCode=4726)