The fastest way to filter events by description
Filtering events by description is one of the most asked questions to us. Some time ago I wrote an article devoted to this problem. Recently we had to check all events in the security log linked with a certain file (let’s say, it’s winword.exe, C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE). The easiest solution was to use Filter command and type file name in the “Text in description”… Read More »