Event ID - 3264

Event Id3264
SourceIntrusion
DescriptionIntrusion detected:
Unthoruzed user .User is persistantly attempting to access resources which is not permitted.
It is highly possible that user is persistantly trying to access file and operation is not allowed.
Event InformationThis event is logged by Eventcorrelator as part of the Default Instrution Detection Alarm feature ,User is persistantly Trying to access resources which not permitted.
It is highly possible that user is persistantly trying to access file and operation is not allowed.
It must be verified that Which user and from which system he is trying to access the resources.
Generate a report using eventTracker console->view histroy->select event id 560 connections and select the involved computer name. Analyse the report from where file access is originated and who is the user.
Reference Links

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh