Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Log User Logons with 2008R2

Posted on 2011-09-29
4
315 Views
Last Modified: 2012-12-17
I have enabled Security Logging in the Default GPO.. Both Logon Events and Account Logon events and my security log is populated with 1000s of events. What I need is simply Events that show the Username, the time, and the machine. Some 4624 events have this, some list the machine, others list a server  account. How do I accomplish this? This is very frustrating. I do not see how I can effectively filter the Events to just display the relevant information. This has to be a common question as this is the most basic logging request.  I don't see any 540 events. I think that may have had the correct information in server 2003
0
Comment
Question by:probetech
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36815557
You are going to get a ton of noise by full logging like that.  Another method is to use a simple login script

http://msmvps.com/blogs/kwsupport/archive/2005/02/24/36942.aspx

http://support.microsoft.com/default.aspx/kb/556015?p=1

Thanks

Mike
0
 

Author Comment

by:probetech
ID: 36816506
Can I output the information to a syslog like kiwi instead of a .txt file?
0
 
LVL 26

Expert Comment

by:Pber
ID: 38697467
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question