EVENT LOG RULES not applying
Hi,
I DO NOT want to get an email notification to me saying if someone put a wrong password when logging on to the server (non-domain environment).
I created a Rule under EVENT LOG RULES with following parameters so that the logon failure alert that has XXX in the DESCRIPTION would be ignored.
Rule Name : Ignore Security Audit containing XXX
Event ID : 529
Source : Security
Category : Logon/Logoff
User :
Event Type : success and failure audit both selected
Description contains string : XXX
If incoming event matches criteria, alert with severity as,: Or, ignore the event
---------------------------------------------------------------------------------
I saved it and but it doesnt apply, and I still get the alert emailed. I have created it under security and all the alerts are set to be looked at.
Thanks for your help. Let me know if you need more info.
Mo
I DO NOT want to get an email notification to me saying if someone put a wrong password when logging on to the server (non-domain environment).
I created a Rule under EVENT LOG RULES with following parameters so that the logon failure alert that has XXX in the DESCRIPTION would be ignored.
Rule Name : Ignore Security Audit containing XXX
Event ID : 529
Source : Security
Category : Logon/Logoff
User :
Event Type : success and failure audit both selected
Description contains string : XXX
If incoming event matches criteria, alert with severity as,: Or, ignore the event
---------------------------------------------------------------------------------
I saved it and but it doesnt apply, and I still get the alert emailed. I have created it under security and all the alerts are set to be looked at.
Thanks for your help. Let me know if you need more info.
Mo