| Event Source: | Microsoft Windows Security Auditing |
| Event ID: | 4719 (0x126F) |
| Event log: | Security |
| Event type: | Information |
| Event text (English): | System audit policy was changed. Subject: Security ID: %1 Account Name: %2 Account Domain: %3 Logon ID: %4 Audit Policy Change: Category: %5 Subcategory: %6 Subcategory GUID: %7 Changes: %8 |
| Event text (German): | The system monitoring policy has been changed. Applicant: Security ID: %1 Account name: %2 Account domain: %3 Logon ID: %4 Monitoring policy change: Category: %5 Subcategory: %6 Subcategory GUID: %7 Changes: %8 |
Parameter
The parameters contained in the event text are filled with the following fields:
- %1: SubjectUserSid (win:SID)
- %2: SubjectUserName (win:UnicodeString)
- %3: SubjectDomainName (win:UnicodeString)
- %4: SubjectLogonId (win:HexInt64)
- %5: CategoryId (win:UnicodeString)
- %6: SubcategoryId (win:UnicodeString)
- %7: SubcategoryGuid (win:GUID)
- %8: AuditPolicyChanges (win:UnicodeString)
In contrast to operational events, which are often understood under the term "monitoring", auditing for the certification authority is the configuration of logging of security-relevant events.
Description
No description has been written for this yet.
Safety assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
No description has been written for this yet.
English 
Deutsch