Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

How to create filter in kiwi syslog web access to filter only windows logon events

sultan1232

Dear All,

I want to create filter in syslog server to view the windows logon and logoff (event logs).

Please help me to create the filter.

Find more posts tagged with

Accepted answers

All comments

bkyle

You will need to find a text string in the event logs that are sent over. Next you will set up a message text filter. Please see this link:

http://www.kiwisyslog.com/help/syslog/index.html?filters_simple.htm

Add your text to the Include box, and should only give you the event that you need.

FormerMember

For the Web Access you can do it easily. Filter Field select "Message Text" , IS , Like, 4624. 4624 is the event id for an "An Aacount was successfully logged on." Then do the same for 4634 "An account was logged off." That should get you started, hope it helps.