|
gptkbp:instanceOf
|
event logging system
|
|
gptkbp:accessibleBy
|
gptkb:wevtutil
gptkb:PowerShell
gptkb:Event_Viewer
|
|
gptkbp:API
|
gptkb:Windows_Event_Log_API
|
|
gptkbp:category
|
Computer security
Windows administration
|
|
gptkbp:developedBy
|
gptkb:Microsoft
|
|
gptkbp:documentation
|
https://learn.microsoft.com/en-us/windows/win32/eventlog/event-logging
|
|
gptkbp:enhancedIn
|
gptkb:Windows_Vista
gptkb:Windows_Server_2008
|
|
gptkbp:exportedTo
|
gptkb:EVTX
XML
CSV
|
|
gptkbp:features
|
access control
tamper detection
log integrity
|
|
gptkbp:fileExtension
|
.evtx
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Windows Event Log
|
|
gptkbp:introducedIn
|
gptkb:Windows_NT
2001
|
|
gptkbp:location
|
%SystemRoot%\\System32\\winevt\\Logs
|
|
gptkbp:logTypes
|
gptkb:software
Security
Application
Forwarded Events
Setup
|
|
gptkbp:numberOfLocations
|
system events
security events
application events
|
|
gptkbp:operatingSystem
|
gptkb:Microsoft_Windows
|
|
gptkbp:relatedTo
|
gptkb:Windows_Error_Reporting
gptkb:Syslog_(comparison)
gptkb:Windows_Management_Instrumentation
|
|
gptkbp:replacedBy
|
gptkb:Event_Logging_Service_(legacy)
|
|
gptkbp:successor
|
gptkb:Event_Viewer_(legacy)
|
|
gptkbp:supports
|
event filtering
event forwarding
event subscriptions
event archiving
XML-based log format
custom event logs
event auditing
|
|
gptkbp:usedFor
|
compliance reporting
security monitoring
troubleshooting
system auditing
|
|
gptkbp:bfsParent
|
gptkb:Windows_Hardware_Error_Architecture
gptkb:Azure_Antimalware_Extension
gptkb:FortiSIEM
gptkb:Windows_Server_containers
gptkb:Event_Viewer
|
|
gptkbp:bfsLayer
|
6
|