About Skadrir

Skadrir · ‎07-17-2024

I tailored the query to the appropriate fields and viola it worked. I appreciate your efforts and thank you for your time.

Skadrir · ‎07-17-2024

Effectively I want to comb through the windows event logs to determine logon dates and times for a specific user(s) and output those entries into a table with username, date and time. We have a windows index and we want to query the last seven days and the number of logins for a given user. I would imagine it'd be fairly simple to do, I just don't SPL. This is why I engaged the brain trust online in this forum. I don't splunk as a day job, so I'm not familiar with the intricacies with SPL. In short, give all entries from windows security logs for the last seven days from the windows index for a specific user with event ID 4624. Thank you.

Skadrir · ‎07-17-2024

I am trying to query our windows and linux indexes to verify how many times a user has logged in over a period of time. Currently, I only care about the last 7 days. I've tried to run some queries, but it's not very fruitful. Can I gain some assistance with generating a query for determining the number of logins over a period of time, please? Thank you.

Posts	3
Solutions	0
Karma Given	2
Karma Received	1
Member Since	‎07-17-2024

Online Status	Offline
Date Last Visited	‎07-17-2024 02:07 PM

Query user login over a period of time

Re: Query user login over a period of time

Re: Query user login over a period of time

Query user login over a period of time

Join the Conversation

Query user login over a period of time

Re: Query user login over a period of time

Re: Query user login over a period of time

Query user login over a period of time