Share via

Net Statistics Server.

Doria 1,246 Reputation points
2020-10-22T15:51:09.957+00:00

Hi everyone!

May someone share any material about permission and password violations? I would like to track the process and discover what is causing those numbers. Look:

34374-untitled.png

Thanks.

Windows for business Windows Server Devices and deployment Configure application groups
0 comments
Accepted answer
  1. Udara Peiris 701 Reputation points
    2020-10-23T01:09:44.66+00:00

    Hi Doria,

    You can audit logon failure(4625 event in Security events)

    Check following for further details.
    https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4625

    (Don't forget to Accept as answer if this is helpful)

    1 person found this answer helpful.
    0 comments

7 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2020-10-22T15:58:19.437+00:00

    Could be hacking attempts. May need to do some network captures.

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments
  2. SethWH 436 Reputation points
    2020-10-22T16:06:27.33+00:00

    Could be nefarious, or could be a lot of users type in their passwords incorrectly (it happens) . You normally see these high password violation numbers on domain controllers and the file servers will have high permissions violations. Your server has both. What is the function of this particular server?

    0 comments
  3. Doria 1,246 Reputation points
    2020-10-22T16:36:49.893+00:00

    File server.

    What tools and which OS log can I get more information?

  4. Vicky Wang 2,736 Reputation points
    2020-10-26T08:18:58.587+00:00

    Hi,
     
    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.
     
    Best Regards,
    Vicky

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.