cool thanks ill give it a try. Graeme
On 8 February 2010 16:25, KenM <[email protected]> wrote: > You could use eventcombmt > > > > > > On Mon, Feb 8, 2010 at 11:13 AM, Michael Waltonen <[email protected]>wrote: > >> If you have remote administration access enabled workstations (GPO >> firewall exception needed, if you don’t), you could perform a WMI query to >> Win32_NTLogEvent for the pertinent event IDs and username. >> >> >> >> -Mike >> >> >> >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *Graeme >> Carstairs >> *Sent:* Monday, February 08, 2010 10:00 AM >> >> *To:* NT System Admin Issues >> *Subject:* Easy way to scan all security logs on Domain connected PC's >> >> >> >> Hi, >> >> >> >> We have a requirement to scan all the security logs for all the PC's, >> laptops and servers in a domain to see if a user attempted to logon to any >> off them over a weekend. >> >> >> >> Does anyone know of something that could pull all the logon failures from >> these logs and let me look at them to see if that use is listed. >> >> >> >> Thanks >> >> >> >> Graeme >> >> >> >> -- >> Good news everyone, you have just received and e-mail from me! >> >> Stephen >> Leacock<http://www.brainyquote.com/quotes/authors/s/stephen_leacock.html> - >> "I detest life-insurance agents: they always argue that I shall some day >> die, which is not so." >> >> >> >> >> >> >> >> >> >> > > > > > -- Good news everyone, you have just received and e-mail from me! Marie von Ebner-Eschenbach<http://www.brainyquote.com/quotes/authors/m/marie_von_ebnereschenbac.html> - "Even a stopped clock is right twice a day." ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
