|Product:||Windows Operating System|
|Component:||Security Event Log|
|Message:||IKE security association established. Mode: %1 Peer Identity: %2 Filter: %3 Parameters: %4|
If IP Security returns (Mode == Key Exchange (Main mode)), this means that the peer has successfully authenticated, and the Key Exchange security association is established. If the value returned is (Mode == Data Protect (Quick mode)), this means that a Data Protection security association over the given filter has been established.
The main purpose of the success security audits is to track an attacker after the fact.