Parent and Child Information
EventID 4688: A new process has been createdEventID 1024: RDP ClientActiveX is trying to connect to the serverEventID 2004: Firewall Rule AddedEventID 2005: Firewall Rule ModifiedEventID 2006: Firewall Rule DeletedEventID 2071: Firewall Rule AddedEventID 2073: Firewall Rule ModifiedEventID 2052: Firewall Rule DeletedEventID 9707: Command Execution StartedEventID 4104: PowerShell Script Block Logging
Last updated