1) Which domain controller logs store information about logon/logoff data - and which actual file stores the logs (i.e. where does it reside on the server, i.e. path)?
2) Is there an easy way to determine log max size information before old logs are overwritten?
3) is there any free software to parse and filter the logs for just logon/logoff events - and is it easy to interpret which domain account the events refer to?
4) Is there a command or easy way to list all domain controllers in a domain?
5) What formula is applied to determine which domain controller you logon to if there is more than one DC in the domain?