Re: Auditing Successful Logins
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 06/01/05
- Next message: Steven L Umbach: "Re: User Logon ID"
- Previous message: douglas martin: "Re: decrypting a file question"
- In reply to: IanBHendry: "Auditing Successful Logins"
- Next in thread: Jeremiah Beckett: "RE: Auditing Successful Logins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 31 May 2005 18:47:58 -0500
You can not audit selectively for account logon or logon events. The logs
are sorted by time and you can use tools like Event Comb to make searching
through the security logs much easier. There are free third party command
line tools that allow you to dump event logs to meet certain criteria such
as PsLogList. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;308471 --- Event
Comb
http://www.sysinternals.com/ntw2k/freeware/psloglist.shtml
http://www.microsoft.com/technet/scriptcenter/scripts/logs/eventlog/default.mspx
-- vbscipts for managing logs
"IanBHendry" <IanBHendry@discussions.microsoft.com> wrote in message
news:1874BD1C-A37A-40B4-BCB5-F45FBD475A2B@microsoft.com...
>1 of our managers wants to know when (and which) employees logon before
>8a.m.
> Can the logs be set to only record successful logons for a given time
> period? I don't want to log all successful logons - - way too much data
> to
> soft through.
- Next message: Steven L Umbach: "Re: User Logon ID"
- Previous message: douglas martin: "Re: decrypting a file question"
- In reply to: IanBHendry: "Auditing Successful Logins"
- Next in thread: Jeremiah Beckett: "RE: Auditing Successful Logins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
