Accounts Disabled WinEventLog:Security ItsJohnLocke Vote Up +1 Vote Down -1You already voted! This query will return results for accounts disabled on a windows 2008 or newer operating system for a given time range: sourcetype=WinEventLog:Security (EventCode=4725) | stats count by index, user, host, name Continue Reading →
