Hey guys I can’t find a straight answer…
I want to replace the hex values from securitylog…
----- field----
winlogbeat_event_data_SubStatus
0xc000006a
the hexcodes have different meanings so if the value is 0xc000006a
I want to replace it with
wrong password
if the value is
0xc0000064
replace with
wrong username
0xc0000071
replace with
password expired
and so on. is there a way to do so?
Thanks for your help