HIDS 61110

From Atomicorp Wiki
Revision as of 12:01, 21 October 2020 by Scott (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Rule 1
Status Active
Alert Message Windows audit failure event



Composite IDS rule indicating multiple system error messages have been reported by windows. It is typically a generic catch all for multiple recurrences of the same error message

What you should do

This means something is wrong with an application/applications on the windows system. Investigate the application(s) reporting this message to identify the cause.


False Positives

There are no false positives with this rule.

Tuning Guidance

There is no guidance for tuning this rule, this is a generic Windows error and the rule should not be disabled.

Additional Information


If you are unsure about how to respond to this alert, please contact Atomicorp support. We're here to help you!

Similar Rules


Knowledge Base Articles


Outside References



Personal tools