You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|**Windows Security events**| 4624: An account was successfully logged on<br>4625: An account failed to log on<br>4648: A logon was attempted using explicit credentials<br>4672: Special privileges assigned to new logon<br>4688: A new process has been created |
24
+
|**Windows Security events**<br>*WindowsEvent* or<br>*SecurityEvent*| 4624: An account was successfully logged on<br>4625: An account failed to log on<br>4648: A logon was attempted using explicit credentials<br>4672: Special privileges assigned to new logon<br>4688: A new process has been created |
25
25
26
26
## UEBA enrichments
27
27
@@ -75,8 +75,6 @@ The following table describes the behavior analytics data displayed on each [ent
75
75
> - The first, in **bold**, is the "friendly name" of the enrichment.
76
76
> - The second *(in italics and parentheses)* is the field name of the enrichment as stored in the [**Behavior Analytics table**](#behavioranalytics-table).
77
77
78
-
79
-
80
78
#### UsersInsights field
81
79
82
80
The following table describes the enrichments featured in the **UsersInsights** dynamic field in the BehaviorAnalytics table:
@@ -271,3 +269,5 @@ This document described the Microsoft Sentinel entity behavior analytics table s
271
269
- Learn more about [entity behavior analytics](identify-threats-with-entity-behavior-analytics.md).
272
270
-[Enable UEBA in Microsoft Sentinel](enable-entity-behavior-analytics.md).
273
271
-[Put UEBA to use](investigate-with-ueba.md) in your investigations.
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments