This event informs you that a logon session was successfully created for the user. See MSW2KDB for information on the details present in the description (logon ID, GUID, etc).
When you turn on the Audit Logon Events feature to track logon and logoff events, you may receive logon event messages (Event 528 Type 2) in the security log. However, you may not receive user logoff event messages (Event 538 Type 2) in the security log. See ME828020 for a hotfix applicable to Microsoft Windows 2000. For additional information, see ME318253 and ME287537.
See "Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP" for detailed information about relevant security settings that you can configure on Microsoft Windows Server 2003 and Windows XP SP1.
A user or an application successfully logged on to a computer. A corresponding event id 538 will be recorded for the logoff. See the comments for event id 538. See ME274176 for more details.
For a list of logon types see the link to the "Windows Logon Types" article.
Information about the <authentication package> field found in the "Windows Authentication Packages" article.
Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.
Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.