Four-Eyes Authorization Enabled

Sent when a user enables four-eyes authorization. For more information, see Four-Eyes Authorization.

General Information

Event ID: 42400

Event message details: Four-eyes authorization has been enabled by <UserName>

Severity: Info

Parameters

Parameters
Parameter Name	Description	Example
Operation	Name of the operation.	Operation="Four-eyes authorization has been enabled"
OperationId	Operation ID. Possible values: 0 — Four-eyes authorization has been enabled 1 — Four-eyes authorization has been disabled 100 — Delete backup <Name> 101 — Delete log backup <Name> 102 — Delete configuration backup <Name> 103 — Disable four-eyes authorization 104 — Delete snapshot <Name> 105 — Delete object <Name> 106 — Delete service provider <Name> 107 — Delete storage <Name> 108 — Update Veeam Backup & Replication security settings 10000 — Other operations	OperationId="0"
InitiatorFullInfo	Detailed information about the user who initiated an operation. Includes the following data: fullName — the user name loginType	InitiatorFullInfo="<ModifiedUserInfo fullName="TECH\user1" loginType="0" />"
VbrHostName	Backup server name. Can be a DNS name, an FQDN or an IP address.	VbrHostName="vbrsrv01.tech.local"
VbrVersion	Veeam Backup & Replication version.	VbrVersion="13.0.1.180"
Version	Event version (service parameter).	Version="1"
Description	Event message details.	Description="Four-eyes authorization has been enabled by TECH\user1."

Syslog Message Example

1 2025-11-24T05:21:33.216714-07:00 VBRSRV01 Veeam_MP - - [origin enterpriseId="31023"] [categoryId=0 instanceId=42400 Operation="Four-eyes authorization has been enabled" OperationId="0" InitiatorFullInfo="<ModifiedUserInfo fullName="TECH\user1" loginType="0" />" VbrHostName="vbrsrv01.tech.local" VbrVersion="13.0.1.180" Version="1" Description="Four-eyes authorization has been enabled by TECH\user1."]