Windows Event 4660

I

Icy_Galaxy

Hello Everyone,I'm trying actually to create a detection rule with Windows event 4660 to track any deleted object, file, directory or something like that. I know that this event is logged when an object is deleted. I checked that all the advanced audit policies are configured to Success and Failure to be able to collect the events, but when : I created a new registry key and deleted it after that, event 4660 has not been logged;I tried to deleted system registry keys but same thing;I tried to delete files and directories but also same thing.I want to know, why this event code is not generated

Continue reading...
 
You must log in or register to reply here.

Similar threads

A
Weird Activities On Windows Security Logs In Event Viewer
Replies
0
Views
30
Ai Vo
A
D
How do I fix "Event 7000, Service Control Manager"?
Replies
0
Views
18
Dat Nguyen-Tran
D
R
Windows 10 About Thirteen Event Viewer Reported Error Types; What To Do?
Replies
0
Views
31
RickMalm
R
A
Getting Event ID 153 from nvlddmkm. When running program that uses GPU sometimes the display freezes and then returns.
Replies
0
Views
30
Aviato
A
A
Weird Activities On Windows Security Logs In Event Viewer
Replies
0
Views
25
Ai Vo
A
Back
Top Bottom