暂时无法在支持网站上提交享有定期维护的产品表单。 如果您需要我们立即提供帮助,请与技术支持部门联系。 对于由此给您带来的不便,我们深表歉意。
获得即时帮助
完成注册
登录
请求定价
联系销售人员
您已选择一个产品捆绑包。 您能否选择单个产品以便我们更好地满足您的请求。 *
技术支持工程师目前正忙,无法回应您的消息。 如果需要即时服务,请通过我们的服务请求表提交请求。
以下文章可根据您的描述解决您的问题。
Change Auditor audits activities in the Azure Active Directory that correspond to the events in the Sign-ins report in the Azure Active Directory portal.
Failed Azure Active Directory sign-in
Created when a user fails to sign-in to an application. The event details show the user whose attempt failed, their location, and the application they attempted to access.
Medium
Successful Azure Active Directory sign-in
Created when a user successfully signs-in to an application. The event details show the user whose attempt failed, their location, and the application they attempted to access.
Low
Azure Active Directory - sign-in event
Generic sign-in event with a dynamically constructed event description (What statement). The event is created when sign-in activity is detected that does not have a corresponding event defined in Change Auditor.
Change Auditor audits activities in the Azure Active Directory that correspond to the events in the Risky sign-ins report in the Azure Active Directory portal.
Active risk event detected
Created when a new risk event is detected with an active state.
High
Active risk event status changed to closed
Created when an active risk event is closed as a result of being marked as:
This event helps you to understand why a risk event has been manually closed.
Closed risk event status changed to active
Created when a closed risk event is reactivated.
Closed risk event detected
Created when a new risk event is detected with a closed state. This can happen if the risk event has been marked as resolved, a false positive, set to ignore, closed (remediated), closed (login blocked), closed (automatic multi-factor authentication), or closed (multiple reasons) before it has been detected by Change Auditor for the first time.
Kerberos user ticket that exceeds the maximum ticket lifetime detected
A Kerberos user ticket can be used to verify your identity and gain access to specific resources or services in your domain. A golden ticket is a forged Kerberos ticket.
An attack using a golden ticket is extremely dangerous due to the forged identity, elevated access it allows, and because it can be reused over its lifetime (10 years by default).
This event is created when the Kerberos Ticket Lifetime value in agent configuration is exceeded indicating a possible golden ticket attack.
User authenticated through Kerberos
Created when a user successfully authenticated to a domain controller using Kerberos authentication. (Disabled by default)
User failed to authenticate through Kerberos
Created when a user failed to authenticate to a domain controller using Kerberos authentication.
User authenticated through NTLM
Created when a user successfully authenticated to a domain controller using NTLM authentication. (Disabled by default)
User failed to authenticate through NTLM
Created when a user failed to authenticate to a domain controller using NTLM authentication.
A user session took place
Created when a user session took place on a monitored computer.
A user session was ended by the screensaver turning on
Created when a user session is ended because the screensaver turned on.
A user session was ended by user locking the computer
Created when a user session is ended because the user locked up the computer.
A user session was ended by user logging off
Created when a user session is ended because the user logged off.
A user session was ended by user stopping a terminal services connection
Created when a user session is ended because the user stopped a terminal services connection.
A user session was ended due to computer shutdown
Created when a user session is ended because a user has shut down or restarted the computer.
A user session was ended due to user switch
Created when a user session is ended because a different user has logged on.
A user session was started
Created when a user session is started on a monitored computer.
A user session was started before the start of the user session monitoring service
Created when a new user session is started before the user session monitoring service is started.
A user session was started by user exiting screensaver mode
Created when a new user session is started because the user exited the screensaver mode.
A user session was started by user making a terminal services connection
Created when a new user session is started because a user logged in through a terminal services connection.
A user session was started by user unlocking the computer
Created when a new user session is started because the user unlocked the computer.
A user session was started due to user switch
Created when a new user session is started because a different user has logged on.
An incorrectly finished user session was found
Created when an incorrectly finished user session is found when the user session monitoring service is started.
您可以在附属支持站点上查找适用于戴尔*产品*的在线支持帮助。单击“继续”,转至适用于*产品*的正确支持内容和帮助。
The document was helpful.
选择评级
I easily found the information I needed.
© ALL RIGHTS RESERVED. 使用条款 隐私 Cookie Preference Center
Quest Software门户不再支持IE 8、9和10,建议将您的浏览器升级到最新版本的Internet Explorer或Chrome。
要升级到IE 11,请单击此处
要升级到Chrome,请单击此处
如果继续使用IE 8、9和10,您将无法充分利用我们所有出色的自助服务功能。