Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Log & Event Manager (LEM) > FIM Related Windows Events for LEM

FIM Related Windows Events for LEM

Table of contents
Created by Craig O’ Neill, last modified by Justin Rouviere on Jan 11, 2017

Views: 96 Votes: 1 Revisions: 4

Updated: July 5, 2016

Overview

This article provides information about Windows events similar to FIM connector events logged as it watches certain events on the client machine.

Environment

  • LEM version 6.0 and later
  • Windows

Detail

Here are the Windows Events which are used for File Integrity Monitoring:

  • 4656 A handle to an object was requested
  • 4657 A registry value was modified
  • 4658 The handle to an object was closed
  • 4659 A handle to an object was requested with intent to delete
  • 4660 An object was deleted
  • 4661 A handle to an object was requested
  • 4662 An operation was performed on an object
  • 4663 An attempt was made to access an object

 

 

 

Last modified
09:30, 11 Jan 2017

Tags

Classifications

Public