Home > Success Center > Log & Event Manager (LEM) > FIM Related Windows Events for LEM

FIM Related Windows Events for LEM

Table of contents
Created by Craig O’ Neill, last modified by Justin Rouviere on Jan 11, 2017

Views: 734 Votes: 1 Revisions: 4

Updated: July 5, 2016

Overview

This article provides information about Windows events similar to FIM connector events logged as it watches certain events on the client machine.

Environment

  • LEM version 6.0 and later
  • Windows

Detail

Here are the Windows Events which are used for File Integrity Monitoring:

  • 4656 A handle to an object was requested
  • 4657 A registry value was modified
  • 4658 The handle to an object was closed
  • 4659 A handle to an object was requested with intent to delete
  • 4660 An object was deleted
  • 4661 A handle to an object was requested
  • 4662 An operation was performed on an object
  • 4663 An attempt was made to access an object

 

 

 

You must to post a comment.
Last modified
15:30, 11 Jan 2017

Tags

Classifications

Public