Manualshelf

User`s guide

ManualsBrandsVMware ManualsOtherVCLOUD REQUEST MANAGER 1.0.0
30313233343536373839
Technical white paper
32
Figure 37. ESM Query Failed Logon General
In the Fields tab we can select which event fields we want to return and display when the Query is executed. Using the failed
logon event we’ll display the Category Outcome, Category Behavior, Target Address, Target Host Name and Attacker User
Name, as illustrated in Figure 38.
Figure 38. ESM Query Failed Logon Fields
Next we’ll select the conditions that must be met to satisfy our Query. In this section we’ll select the Category Behavior
equal to /Authentication/Verify and Category Outcome = False.
Figure 39. ESM Query Failed Logon Conditions
Our Failed Logon Query is now ready to display all events that contain these conditions.