PatternDB Event ID Lookup

The AlienVault PatternDB.xml file is a pre-filter applied to events picked up by NXlog, reducing the number of event types sent to AlienVault.

This tool enables searching of the list and provides additional information on the events in order to aid in security investigations. Events are referenced against Microsoft's own documentaion where possible, however some Event ID's do not have dedicated pages and are referenced against other sources. This may mean a little extra digging is necessary for some events.

If an Event ID does not appear in the list below, it is of little or no security value and therefore is not collected by NXlog when using PatternDB. Similarly, if PatternDB is not in use, filtering rules can be created to filter out events not listed below.