Albert Widjaja
asked on
Get-WinEvent vs. Get-EventLog to get AD security log from multiple AD domain controllers ?
Hi All,
Can anyone here share some script or explanation how can I use Powershell Get-WinEvent or Get-EventLog to get some list of AD security event ?
I need the below information to see if any DOMAIN\Administrator account is in use or not anymore by anyone in my AD domain.
Any help and suggestion would be greatly appreciated.
Can anyone here share some script or explanation how can I use Powershell Get-WinEvent or Get-EventLog to get some list of AD security event ?
I need the below information to see if any DOMAIN\Administrator account is in use or not anymore by anyone in my AD domain.
Keywords: Audit Success
Logon Type: 3
Date: 13/09/2016 1:42:25 PM
Security ID: Domain\Administrator
Source Network Address: 10.188.15.19
Any help and suggestion would be greatly appreciated.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@Subsun, Thanks for the help.
@McKnife too you rocks !
@McKnife too you rocks !
ASKER