microsoft_windows:terminalserver:logs
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Last revisionBoth sides next revision | ||
microsoft_windows:terminalserver:logs [2020/03/09 16:16] – rodolico | microsoft_windows:terminalserver:logs [2020/03/09 16:26] – rodolico | ||
---|---|---|---|
Line 3: | Line 3: | ||
Microsoft hides the Remote Desktop logins pretty deep in their logging structure and there is not much information on how to programmatically get to it. I have a client who needed to get to this, so I figured I'd record what I came up with and some links. | Microsoft hides the Remote Desktop logins pretty deep in their logging structure and there is not much information on how to programmatically get to it. I have a client who needed to get to this, so I figured I'd record what I came up with and some links. | ||
- | There is a lot of documentation on how to do this if you are running a Windows Domain, but in the main case here, that is not the case. | + | There is a lot of documentation on how to do this if you are running a Windows Domain, but in the main case here, that is not the case. This procedure works on machines which are not on a domain, looking a the local server and parsing the local log files. |
This has been tested on Windows 7, Server 2008r2 and Server 2019, the latter two running as Terminal Services servers. | This has been tested on Windows 7, Server 2008r2 and Server 2019, the latter two running as Terminal Services servers. | ||
Line 45: | Line 45: | ||
$Results | Export-Csv -Path $currentDir; | $Results | Export-Csv -Path $currentDir; | ||
</ | </ | ||
+ | |||
+ | The above script first asks for a start and end date for parsing, then opens // | ||
===== Running the script ===== | ===== Running the script ===== |
microsoft_windows/terminalserver/logs.txt · Last modified: 2020/03/10 01:45 by rodolico