Windows Service Modification Service Start (via Splunk): code 7036

info Nessus Network Monitor Plugin ID 710009

Synopsis

SIEM Pull Service has detected via Splunk query that, on this Windows system, a service or daemon was started.

Description

SIEM Pull Service has detected via Splunk query that, on this Windows system, a service or daemon was started. The query used was source="WinEventLog:*" AND (Message="*service*running state*" OR Message="*service*start*")

Solution

N/A

Plugin Details

Severity: Info

ID: 710009

Family: Policy

Published: 8/20/2004

Updated: 5/18/2018

Detections

Analytics