Solved

Log User Logons with 2008R2

Posted on 2011-09-29
4
313 Views
Last Modified: 2012-12-17
I have enabled Security Logging in the Default GPO.. Both Logon Events and Account Logon events and my security log is populated with 1000s of events. What I need is simply Events that show the Username, the time, and the machine. Some 4624 events have this, some list the machine, others list a server  account. How do I accomplish this? This is very frustrating. I do not see how I can effectively filter the Events to just display the relevant information. This has to be a common question as this is the most basic logging request.  I don't see any 540 events. I think that may have had the correct information in server 2003
0
Comment
Question by:probetech
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36815557
You are going to get a ton of noise by full logging like that.  Another method is to use a simple login script

http://msmvps.com/blogs/kwsupport/archive/2005/02/24/36942.aspx

http://support.microsoft.com/default.aspx/kb/556015?p=1

Thanks

Mike
0
 

Author Comment

by:probetech
ID: 36816506
Can I output the information to a syslog like kiwi instead of a .txt file?
0
 
LVL 26

Expert Comment

by:Pber
ID: 38697467
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now