update

Author: Deland-Han

support/windows-server/group-policy/set-event-log-security-locally-or-via-group-policy.md

@@ -57,7 +57,7 @@ To construct an SDDL string, note that there are three distinct rights that pert
 
 The following is a sample SDDL that shows the default SDDL string for the Application log. The access rights (in hexadecimal) are bold-faced for illustration:
 
-> O:BAG:SYD:(D;; 0xf0007 ;;;AN)(D;; 0xf0007 ;;;BG)(A;; 0xf0007 ;;;SY)(A;; 0x5 ;;;BA)(A;; 0x7 ;;;SO)(A;; 0x3 ;;;IU)(A;; 0x2 ;;;BA)(A;; 0x2 ;;;LS)(A;; 0x2 ;;;NS)
+> O:BAG:SYD:(A;;**0xf0007**;;;SY)(A;;**0x7**;;;BA)(A;;**0x3**;;;BO)(A;;**0x5**;;;SO)(A;;**0x1**;;;IU)(A;;**0x3**;;;SU)(A;;**0x1**;;;S-1-5-3)(A;;**0x2**;;;S-1-5-33)(A;;**0x1**;;;S-1-5-32-573)
 
 For example, the first ACE denies Anonymous Users read, write, and clear access to the log. The sixth ACE permits Interactive Users to read and write to the log.