I would like to monitor user login activity including when the user simply locks a workstation.
I downloaded Microsoft Log Parser, but for some it does not work against the Security log on the domain controller. The Parser, however, works against the System log on the same controller. Any ideas?
Any other solutions to monitor and audit the user activity?