?
Solved

How to log when user restarts PC

Posted on 2008-06-19
2
Medium Priority
?
219 Views
Last Modified: 2010-04-11
I need to log when users reboot this certain PC.  I believe I should go under admin tools - local security policy - local policy - audit policy...but I'm not sure which event to start loging and I don't want to log more than I need.  Is there any documentation on what exacly each of these policies track?  If not, can someone tell me which policy I should log to trap the "restart" or "shutdown" of the PC?
0
Comment
Question by:j_donald_c
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 23

Accepted Solution

by:
Danny Child earned 375 total points
ID: 21822584
you can check your System EventLog for event 6005 which shows the Event Log starting up.  This is a good indicator of a reboot.  Also check for 6006 - Event Log Stopping.

Event Type:      Information
Event Source:      EventLog
Event Category:      None
Event ID:      6005
Date:            18/06/2008
Time:            09:12:51
User:            N/A
Computer:      <YourPCname>
Description:
The Event log service was started.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 

Author Comment

by:j_donald_c
ID: 21829855
Thanks.  That will work.  And now I don't have to worry about loging one of these other areas.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question