待解决问题
APG登陆日志如何提取? (进入论坛模式)
离问题结束还有0天0小时 |
提问者:chendf24
|
提问时间:2014-11-6 11:52
客户要让大家从ALOG文件里提取出登陆APG的日志。请问如何才能提取出来?登陆APG的用户名是administrator,请问下面是不是大家手动登入/登出的日志?
082;2014-11-05;174238;sec;;WLGS14AP1D\Administrator;;1;1653827;WLGS14AP1A;;0000000561;EventID: 528
Source: Security
Category: Logon/Logoff
Type: Success Audit
Description:
Successful Logon:
User Name: Administrator
Domain: WLGS14AP1D
LogonID: (0x0,0x2358B166)
Logon Type: 2
Logon Process: Advapi
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
WorkstationName: WLGS14AP1A
Logon GUID: -
Caller User Name: WLGS14AP1A$
Caller Domain: WLGS14AP1D
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 9240
Transited Services: -
Source Network Address: -
Source Port: -
082;2014-11-05;174240;sec;;WLGS14AP1D\Administrator;;1;1653827;WLGS14AP1A;;0000000211;EventID: 538
Source: Security
Category: Logon/Logoff
Type: Success Audit
Description:
User Logoff:
User Name: administrator
Domain: WLGS14AP1D
LogonID: (0x0,0x234D374D)
Logon Type: 2
如果是,登入的日志中Source Network Address为什么是空的?是因为用管控平台登陆winfiol的原因吗?
082;2014-11-05;174238;sec;;WLGS14AP1D\Administrator;;1;1653827;WLGS14AP1A;;0000000561;EventID: 528
Source: Security
Category: Logon/Logoff
Type: Success Audit
Description:
Successful Logon:
User Name: Administrator
Domain: WLGS14AP1D
LogonID: (0x0,0x2358B166)
Logon Type: 2
Logon Process: Advapi
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
WorkstationName: WLGS14AP1A
Logon GUID: -
Caller User Name: WLGS14AP1A$
Caller Domain: WLGS14AP1D
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 9240
Transited Services: -
Source Network Address: -
Source Port: -
082;2014-11-05;174240;sec;;WLGS14AP1D\Administrator;;1;1653827;WLGS14AP1A;;0000000211;EventID: 538
Source: Security
Category: Logon/Logoff
Type: Success Audit
Description:
User Logoff:
User Name: administrator
Domain: WLGS14AP1D
LogonID: (0x0,0x234D374D)
Logon Type: 2
如果是,登入的日志中Source Network Address为什么是空的?是因为用管控平台登陆winfiol的原因吗?
热点问题