Hello together,
I want to search for "Binding Type: 0" in the following example log:
**LogName=Directory Service
SourceName=Microsoft-Windows-ActiveDirectory_DomainService
EventCode=2889
EventType=4
Type=Information
ComputerName=XXXXX
User=NOT_TRANSLATED
Sid=S-1-5-7
SidType=0
TaskCategory=LDAP Interface
OpCode=The operation completed successfully.
RecordNumber=7362133
Keywords=Classic
Message=The following client performed a SASL (Negotiate/Kerberos/NTLM/Digest) LDAP bind without requesting signing (integrity verification), or performed a simple bind over a clear text (non-SSL/TLS-encrypted) LDAP connection.
Client IP address:
1.1.11.1:5555
Identity the client attempted to authenticate as:
XXX\XXXX
Binding Type:
0**
The problem is that the value 0 is a new line.
Do you know how can I search for this?
Please help.
↧