ExportPrivilegedAccountProtection

Column_name Type Length Index Description Example
ID bigint   1 Ascending Identity 1
TimeGenerated datetime     Event Generation Date/Time  
CommandLine nvarchar 1024   Command Line <None>
PrivilegedGroupName nvarchar 200   Privileged Group Name Administrators
PrivilegedGroupRID nvarchar 10   Privileged Group Relative Identifier 544
Access nvarchar 200   Group Access Details Add Member&#44; Remove Member&#44; List Members&#44; Read Information
PolicyGUID uniqueidentifier     Policy UUID E7654321-AAAA-5AD2-B954-12342918D604
PolicyName nvarchar 1024   Policy Name EventGen Test Policy
WorkstyleName nvarchar 1024   Workstyle name EventGen Test Workstyle
FileName nvarchar 255   File name <None>
ApplicationHash nvarchar 40   Application SHA1 921CA2B3293F3FCB905B24A9536D8525461DE2A3
ProductCode nvarchar 1024   Product Code <None>
UpgradeCode nvarchar 1024   Upgrade Code <None>
FileVersion nvarchar 1024   File Version <None>
MD5 nvarchar 32   MD5 Hash 3279476E39DE235B426D69CFE8DEBF55
UserSID nvarchar 200   User SID S-1-21-123456789-123456789-1635717638-1072059836
UserName nvarchar 1024   User Name EGUser1
UserDomainSID nvarchar 200   User Domain SID S-1-21-123456789-123456789-1635717638
UserDomainName nvarchar 1024   User Domain EGDomain
UserNameNETBIOS nvarchar 15   User Domain NETBIOS EGDOMAIN
ChassisType nvarchar 40   Chassis Type Other
HostSID nvarchar 200   Host SID S-1-21-123456789-123456789-1635717638-390614945
HostName nvarchar 1024   Host Name EGHostWin1
HostNameNETBIOS nvarchar 15   Host NETBIOS EGHOSTWIN1
OS nvarchar 20   OS Version 6.3
OSProductType int     OS Product Type 1
HostDomainSID nvarchar 200   Host Domain SID S-1-21-123456789-123456789-1635717638
HostDomainName nvarchar 1024   Host Domain EGDomain
HostDomainNameNETBIOS nvarchar 15   Host domain NETBIOS EGDOMAIN
FileOwnerUserSID nvarchar 200   File Owner SID S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464
FileOwnerUserName nvarchar 1024   File Owner NT SERVICE\TrustedInstaller
FileOwnerDomainName nvarchar 1024   File Owner Domain NT SERVICE
ApplicationURI nvarchar 1024   URI of a macOS application com.apple.preference.datetime
ApplicationDescription nvarchar 2048   Application description lusrmgr.msc
FirstDiscovered datetime     First time app was seen 2017-01-03 10:25:50.110
FirstExecuted datetime     First time app was executed 2017-01-03 10:24:00.000
PlatformType nvarchar 10   Platform Type Windows
ProductName nvarchar 1024   Product name <None>
ProductVersion nvarchar 1024   Product version <None>
Publisher nvarchar 1024   Publisher Microsoft Windows
TrustedOwner bit     1 if a trusted owner, 0 otherwise 1