I am kind of new, so I apologize for my ignorance.
What I am trying to do is use the Windows Event Logs EventCode 5156 and 4688.
I want to search via 5156, it provides the PID and the Process making the connection. I want to be able to then use the information from the 5156 to find the 4688 for that process which provides its command line arguments. Any ideas?
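One way to do the 5156-to-4688 lookup described in the question, as an added Python example that is not part of the original post. It assumes events already parsed into dicts with the Security log's EventData field names, plus hypothetical `time` and `host` keys; the sample events are constructed.

```python
from datetime import datetime

# Constructed sample events (not real logs). In the Security log, 4688 records
# NewProcessId in hex while 5156 records ProcessID in decimal.
EVENTS = [
    {"time": "2024-01-01T10:00:00", "host": "WS01", "EventCode": 4688,
     "NewProcessId": "0x1a2c", "NewProcessName": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c old-task"},
    {"time": "2024-01-01T11:00:00", "host": "WS01", "EventCode": 4688,
     "NewProcessId": "0x1a2c", "NewProcessName": r"C:\Tools\fetch.exe",
     "CommandLine": "fetch.exe --url http://example.test/a"},
    {"time": "2024-01-01T11:00:05", "host": "WS01", "EventCode": 5156,
     "ProcessID": "6700", "Application": r"\device\harddiskvolume2\tools\fetch.exe",
     "DestAddress": "192.0.2.10", "DestPort": "80"},
    {"time": "2024-01-01T11:05:00", "host": "WS01", "EventCode": 5156,
     "ProcessID": "4", "Application": "System",
     "DestAddress": "192.0.2.20", "DestPort": "445"},
]

def _ts(event):
    return datetime.fromisoformat(event["time"])

def _image(path):
    # 5156 uses a device path, 4688 a drive-letter path: compare file names only.
    return path.rsplit("\\", 1)[-1].lower()

def correlate(events):
    """For each 5156, find the latest earlier 4688 with the same host and PID."""
    last_start = {}  # (host, decimal pid) -> most recent 4688 seen so far
    results = []
    for e in sorted(events, key=_ts):
        if e["EventCode"] == 4688:
            last_start[(e["host"], int(e["NewProcessId"], 16))] = e
        elif e["EventCode"] == 5156:
            pid = int(e["ProcessID"])
            proc = last_start.get((e["host"], pid))
            # PIDs are reused; drop the match if the image names disagree.
            if proc and _image(proc["NewProcessName"]) != _image(e["Application"]):
                proc = None
            results.append({
                "time": e["time"], "host": e["host"], "pid": pid,
                "dest": f'{e["DestAddress"]}:{e["DestPort"]}',
                "CommandLine": proc["CommandLine"] if proc else None,
            })
    return results

if __name__ == "__main__":
    for row in correlate(EVENTS):
        print(row)
```

The `CommandLine` field in 4688 is only populated when the "Include command line in process creation events" audit policy is enabled, and connections from processes started before logging began have no 4688 to match.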