Security Reference

This reference contains information on security-relevant objects and values.

Event Correlation

In order to create easy to analyze events, there are a number of events that need to be combined so that they can provide a full picture of what can be seen in the log. This section describes the correlation logic to be used.

Kerberos error code list

The Kerberos error code list provides a complete overview over errors from the Kerberos authentication system.

Windows Event-Specific Articles

Information on events we have researched. Often works together with the Event Repository.

Work in Progress

Papers in this section are not finished, but may already provide some value. Please use them at your sole risk – they may be incomplete, inconsistent and even totally wrong.

Comments on these papers are highly appreciated. If you would like to do so, please directly contact the author specified in the paper.

Windows Default User Objects

Windows Default Global Groups

Windows Default Domain Local Groups

Windows Default Local Groups

Windows System Groups

If you are interested in specific Windows Event IDs, you may find related information at the Network Event Parsing Database.

Security Reference
Scroll to top