Object Access » Object Access Event: 4666
Event ID 4666 – An Application Attempted An Operation
Event ID | 4666 |
Category | Object Access: Application Generated |
Type | Success Audit |
Description | Event ID 4666 is logged when an application attempts an operation |
This log data provides the following information:
- Client Name
- Client Domain
- Client Context ID
- Object Name
- Scope Names
- Application Name
- Application Instance ID
- Role
- Groups
- Operation Name
Why does event ID 4666 need to be monitored?
- To monitor if an operation was attempted by an application
- To detect abnormal and potentially malicious activity
- To ensure compliance with regulatory mandates
Event 4666 applies to the following operating systems:
- Windows 2008 R2 and 7
- Windows 2012 R2 and 8.1
- Windows 2016 and 10
Explore Active Directory auditing and reporting with ADAudit Plus.
Account Management Auditing
Active Directory Auditing
Windows Server Auditing
- Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- EventLog Analyzer Real-time Log Analysis & Reporting
- ADSelfService Plus Self-Service Password Management
- AD360 Integrated Identity & Access Management
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools