Solved

Log User Logons with 2008R2

Posted on 2011-09-29
4
316 Views
Last Modified: 2012-12-17
I have enabled Security Logging in the Default GPO.. Both Logon Events and Account Logon events and my security log is populated with 1000s of events. What I need is simply Events that show the Username, the time, and the machine. Some 4624 events have this, some list the machine, others list a server  account. How do I accomplish this? This is very frustrating. I do not see how I can effectively filter the Events to just display the relevant information. This has to be a common question as this is the most basic logging request.  I don't see any 540 events. I think that may have had the correct information in server 2003
0
Comment
Question by:probetech
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36815557
You are going to get a ton of noise by full logging like that.  Another method is to use a simple login script

http://msmvps.com/blogs/kwsupport/archive/2005/02/24/36942.aspx

http://support.microsoft.com/default.aspx/kb/556015?p=1

Thanks

Mike
0
 

Author Comment

by:probetech
ID: 36816506
Can I output the information to a syslog like kiwi instead of a .txt file?
0
 
LVL 26

Expert Comment

by:Pber
ID: 38697467
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question