| skipped 12 lines |
13 | 13 | | * **4672**: Assign special privileges |
14 | 14 | | |
15 | 15 | | More details are described in the following documents: |
16 | | - | * [Visualise Event Logs to Identify Compromised Accounts - LogonTracer -](http://blog.jpcert.or.jp/2017/11/visualise-event-logs-to-identify-compromised-accounts---logontracer-.html) |
17 | | - | * [イベントログを可視化して不正使用されたアカウントを調査](https://www.jpcert.or.jp/magazine/acreport-logontracer.html) (Japanese) |
| 16 | + | * [Visualise Event Logs to Identify Compromised Accounts - LogonTracer -](https://blogs.jpcert.or.jp/en/2017/11/visualise-event-logs-to-identify-compromised-accounts---logontracer-.html) |
| 17 | + | * [イベントログを可視化して不正使用されたアカウントを調査](https://blogs.jpcert.or.jp/ja/2017/11/logontracer.html) (Japanese) |
18 | 18 | | |
19 | 19 | | ![LogonTracer sample](images/sample.png) |
20 | 20 | | |
| skipped 27 lines |