EPO

Firewall User Changes - Firewall User Changes. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

Logins - Logins. Last 25 Events: from: 2018-08-23 to: 2018-08-23

| Date (GMT+2:00) | Event Name | Device IP | Username | Source | Dest. |
|---|---|---|---|---|---|
| 2018-08-23 23:41:31 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | SYSTEM | A00W141 | A00W141 |
| 2018-08-23 23:41:31 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | SYSTEM | A00W141 | A00W141 |
| 2018-08-23 23:41:31 | AlienVault HIDS: Successful login during non-business hours. | 192.168.116.206 | SYSTEM | A00W141 | A00W141 |
| 2018-08-23 23:41:31 | AlienVault HIDS: Successful login during non-business hours. | 192.168.116.206 | SYSTEM | A00W141 | A00W141 |
| 2018-08-23 23:35:21 | AlienVault HIDS: Windows Network Logon | 10.205.67.3 | Epo.admin | A00W141:55200 | Z00W023 |
| 2018-08-23 23:35:21 | AlienVault HIDS: Windows Network Logon | 10.205.67.3 | Epo.admin | A00W141:55200 | Z00W023 |
| 2018-08-23 22:57:56 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | A00W141$ | A00W141 | A00W141 |
| 2018-08-23 22:57:56 | AlienVault HIDS: Windows Network Logon | 192.168.116.206 | A00W141$ | A00W141 | A00W141 |
| 2018-08-23 22:57:41 | AlienVault HIDS: Windows Network Logon | 192.168.116.206 | A00W141$ | A00W141 | A00W141 |
| 2018-08-23 22:57:40 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | A00W141$ | A00W141 | A00W141 |
| 2018-08-23 22:49:49 | AlienVault HIDS: Windows Network Logon | 192.168.116.206 | UCSJHB9422$ | 10.205.253.56:56833 | A00W141 |
| 2018-08-23 22:49:49 | AlienVault HIDS: Successful login during non-business hours. | 192.168.116.206 | SYSTEM | A00W141 | A00W141 |
| 2018-08-23 22:49:49 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | SYSTEM | A00W141 | A00W141 |
| 2018-08-23 22:49:30 | AlienVault HIDS: Windows Network Logon | 192.168.116.206 | UCSJHB9422$ | 10.205.253.56:56833 | A00W141 |
| 2018-08-23 22:20:59 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | A00W141$ | A00W141 | A00W141 |
| 2018-08-23 22:20:59 | AlienVault HIDS: Windows Network Logon | 192.168.116.206 | A00W141$ | 0.0.0.0 | A00W141 |
| 2018-08-23 22:20:59 | AlienVault HIDS: Windows Network Logon | 192.168.116.206 | A00W141$ | 0.0.0.0 | A00W141 |
| 2018-08-23 22:20:59 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | A00W141$ | A00W141 | A00W141 |

User: admin / 2018-08-24 06:50:19 Page 1 / 4


| Date (GMT+2:00) | Event Name | Device IP | Username | Source | Dest. |
|---|---|---|---|---|---|
| 2018-08-23 21:52:51 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | SYSTEM | A00W141 | A00W141 |
| 2018-08-23 21:52:51 | AlienVault HIDS: Successful login during non-business hours. | 192.168.116.206 | SYSTEM | A00W141 | A00W141 |
| 2018-08-23 21:46:57 | AlienVault HIDS: Windows Network Logon | 192.168.116.206 | UCSJHB9422$ | 10.205.253.56:55795 | A00W141 |
| 2018-08-23 21:46:57 | AlienVault HIDS: Windows Network Logon | 192.168.116.206 | UCSJHB9422$ | 10.205.253.56:55795 | A00W141 |
| 2018-08-23 21:26:58 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | A00W141$ | A00W141 | A00W141 |
| 2018-08-23 21:26:58 | AlienVault HIDS: Windows Network Logon | 192.168.116.206 | A00W141$ | A00W141 | A00W141 |
| 2018-08-23 21:00:13 | AlienVault HIDS: Special privileges assigned to new logon | 192.168.116.206 | SYSTEM | A00W141 | A00W141 |

Database Failed Logons - Database Failed Logons. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

Antivirus events - Antivirus events. Last 25 Events: from: 2018-08-23 to: 2018-08-23

| Event Name | Date (GMT+2:00) | Source | Destination | Risk |
|---|---|---|---|---|
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
| AlienVault HIDS: McAfee Windows AV informational event. | 2018-08-23 23:59:19 | A00W141 | A00W141 | |
informational event.

Application events - Application events. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

File Add or Delete - File Add or Delete. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

IPv6 Detected - IPv6 Detected. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

OTX IP Reputation - OTX IP Reputation. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

Cleartext - Cleartext. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

Time Changes - Time Changes. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

FTP Failed Logons - FTP Failed Logons. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

Authentication and DHCP events - User Deleted - Authentication/User Deleted. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

PCI - Antivirus Management - All Security Risk Events. Last 25 Events: from: 2018-08-23 to: 2018-08-23

No data available

Raw Logs - Top 10 Events from: 2018-08-23 to: 2018-08-23

| Event | Occurrences |
|---|---|
| AlienVault HIDS: A new process has been created | 21.907 |
| AlienVault HIDS: McAfee Windows AV informational event. | 1.991 |
| AlienVault HIDS: Privileged operation performed. | 1.185 |
| AlienVault HIDS: Service control manager: A service has stopped. | 314 |
| AlienVault HIDS: Service control manager: A service entered the running state. | 288 |
| AlienVault HIDS: Special privileges assigned to new logon | 119 |
| AlienVault HIDS: Security Enabled Local Group Changed | 105 |
| AlienVault HIDS: Service startup type was changed. | 97 |
| AlienVault HIDS: The state of a transaction was successfully changed. | 72 |
| AlienVault HIDS: Windows Network Logon | 61 |
