Windows Dashboard showing Who (was) logged on to ?

Dashboard with 3 separate columns which allow you to drill into 3 separate assets to find out who was logged on, when they logged on, and how they logged on. Accounts for remote logins, local logins, and unlocks/reconnects accounted for but not Type 3 (network logons for shared file access etc).

Time picker set so you can alter the time frame on the fly.

No addons required, should work with standard Splunk with Windows event code 4624

Share This:

Leave A Comment?