EventList – version 1.0.1/1.0.2 released

EventList version 1.0.1 released

Download EventList

EventList Documentation

Changes in Version 1.0.1

Fixed Documentation Links

Since the links in the official Microsoft documentation are not meant to be included automatically, some links pointed to the wrong direction. I manually edited all incorrect links, everything should work now.

Added granular event monitoring recommendation

When generating the EventList for a particular baseline, the column “Recommendation” was added (Careful, do not confuse with “Audit Recommendation”!).¬† Now you can see immediately if this event is worth monitoring or not.


Monitoring those events is recommended. If you decide to leave them out, do it at your own risk. Follow the link to the documentation to learn more.

No Recommendation

In most cases an event marked with “No recommendation” is not worth your time, when it comes to security. Maybe some of those events are useful for troubleshooting nevertheless, but none of them is useful for security monitoring.


“Depends” signals that you should follow the link, read the documentation and decide if you should monitor it, depending on your environment. It’s really a bad idea to just ignore events marked with “Depends” – go and check the documentation. ūüėČ

Removed “Delete Single Baseline” button

Well, the only purpose this button had was for troubleshooting while developing. Removed!

Added Baseline folder name shortening

I received several messages, that some baselines could not be imported. I found out that the long pathname was the problem and Excel couldn’t handle them. As the baselines to import are already located in the tmp-Directory (guess for what reason I did not implement a folder picker…), every baseline folder which is longer than 24 characters will be renamed.

EventList version 1.0.2 released

  • Fixed a minor bug which was was responsible for not showing the fixed links.

One comment

Comments are closed.