Event ID - 560

Event Id560
SourceSecurity
DescriptionObject Open:
      Object Server: <Object Server>
      Object Type: <Object Type>
      Object Name: <Object Name>
      Handle ID: <Handle ID>
      Operation ID: <Operation ID>
      Process ID: <Process ID>
      Image File Name: <Image File Name>
      Primary User Name: <Primary User Name>
      Primary Domain: <Primary Domain>
      Primary Logon ID: <Primary Logon ID>
      Client User Name: <Client User Name>
      Client Domain: <Client Domain>
      Client Logon ID: <Client Logon ID>
      Accesses: <Accesses>
      ReadData (or ListDirectory)

Privileges: <Privileges>
      Restricted Sid Count: <Restricted Sid Count>
      Access Mask: <Access Mask>     

Event InformationCause:
An object was successfully granted a handle and the listed accesses were granted. This message corresponds to a Security 567 message, which indicates that an object was accessed, and to a Security 562 message, which indicates that the handle of the object was successfully closed. Associated messages have the same Handle ID number.

Resolution:
No user action is required.

Related Events:
Event ID: 567, Event Source: Security
Event ID: 562, Event Source: Security
Reference LinksEvent ID 560 from Source Security

Alternate Event ID in Vista and Windows Server 2008 is 4656.

OnEBill Security Log Errors

Event ID 560 Message Is Recorded in the Security Log

Take Ownership Remotely Does Not Log Security Event

Event 560 Failures Appears When File and Object Auditing Is Enabled

How to Identify the User Who Changed the Administrator Password

Your auditing logs may contain incorrect auditing event details for event 565 and event 560

File reads are logged with event IDs 560 and 562 when you turn on file write auditing in Windows NT

Event IDs 560 and 562 appear many times in the security event log

Event ID 560 is logged every time that you refresh the security log in Windows Server 2003

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.