![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Hey folks, I figure I can't be the only one that's ever wanted to get at this information easily, so hopefully some of you can help me out. In the Security Event Log (Server 2k8 R2), for logon audit failures, it logs the source IP address in the event details. I'm trying to find an automated/semi-automated way of generating a list of all of these IPs that have triggered logon failures. Exporting the security log filtered to show just that event ID (4625) just shows the columns I can already see in event viewer itself and none of the details for each event.
Any help/ideas?
Thanks!!
Any help/ideas?
Thanks!!