SessionLimit v2
  • Infrastructure Documents
  • Overview
    • What is SessionLimit
    • FAQs
    • Road Map
    • Licensing
  • Planning
    • POC Requirements
    • Supported Configurations
    • Windows Server Requirements
    • SQL Server Requirements
    • Agent Requirements
      • .Net Framework 4.7.2
    • Other Requirements
    • Network Considerations
    • Design
      • Single Deployment
      • Distributed Deployment
  • Deployment
    • GMSA Account for Application Pool
    • DNS Service Record for Agent Autodiscovery
    • Installing Microsoft SQL Server
    • Internet Information Service Installation
    • .NET Core 8.0 Download and Install
    • .Net Framework 4.7.2 Download and Install
    • HTTPS Certificate
    • Installing SessionLimit 2.0
    • Upgrading SessionLimit
      • Upgrading SessionLimit 2.0.12 to 2.0.13
      • Upgrading SessionLimit 2.0.13 to 2.0.14
      • Upgrading SessionLimit to 2.0.15
      • Upgrading SessionLimit to 2.0.16
      • Upgrading SessionLimit to 2.0.17
      • Upgrading SessionLimit to 2.0.18
      • Upgrading SessionLimit to 2.1
      • Upgrading SessionLimit to 2.1.2
      • Upgrading SessionLimit to 2.1.3
      • Upgrading SessionLimit to 2.1.4
    • First Time Wizard
    • Agent Deployment
  • Managing
    • Logging to SessionLimit 2.0
    • Dashboard (Home)
      • General Dashboard
      • My Dashboard
      • Agents Dashboard
    • Policy
      • Session Protection Policy
      • 2FA Policy
    • Limitations
    • Endpoint Management
      • Users
      • Computers
    • Settings
      • General
        • Server Settings
        • LDAP Settings
        • Notification Settings
          • General Notification
          • E-Mail
          • SMS
        • Syslog Settings
        • Syslog Message Settings
      • Advanced Settings
      • 2FA
      • Agent
    • Events
    • Reports
    • Role Management
    • License Management
      • Online License
    • Syslog
      • Logon Operations
  • Agent
    • Session Control
    • 2FA
  • Tips&Tricks
    • SQL Express Usage
    • Fixing 500.19 web.config error
    • Enable HTTPS Redirection in IIS with HSTS
    • Using GMSA Account in Application Pool
    • Give Database Access for GMSA Account
    • What are the SessionLimit protection states?
    • Securing Windows Server
Powered by GitBook
On this page
  • Successful Logon
  • Logoff
  • Lock
  • Unlock
  1. Managing
  2. Syslog

Logon Operations

Bu olay kategorisi içinde ajanlar üzerinden Windows sistemlere yapılmış tüm oturum işlemleri yer almaktadır. her bir alt kategori ayrı ayrı seçilebilir.

Successful Logon

Logon Operations Successful Logon SamAccountName: DOMAIN/UserName, LogonType: Remote, ComputerName: DOMAIN/ComputerName, IpAddress: 192.168.1.10, ScopeId: 2000 ES-520
Order
Value
Description

1

Logon Operations

Top Level Category Name.

2

Successful Logon

Second Level Category Name.

3

SamAccountName: DOMAIN/UserName

SamAccountName of the logged on user.

4

LogonType: Remote

Logon type of process. This area can be one of the following 2 logon type; a. Interactive b. Remote

5

ComputerName: DOMAIN/ServerName

The name of the computer the user is logged on to.

6

IpAddress: 192.168.1.10

The IP address of the computer the user is logged on to.

7

ScopeId: 2000

The scope id of Successful Logon operation. a. 1000 for Interactive b. 2000 for Remote

8

ES-520

Troubleshooting reference code of this type of event.

Logoff

Logon Operations Logoff SamAccountName: DOMAIN/UserName, LogonType: Remote, ComputerName: DOMAIN/ComputerName, IpAddress: 192.168.1.10, ScopeId: 2003 ES-423
Order
Value
Description

1

Logon Operations

Top Level Category Name

2

Logoff

Second Level Category Name

3

SamAccountName: DOMAIN/UserName

SamAccountName of the logged off user.

4

LogonType: Remote

Logon type of process. This area can be one of the following 2 logon type; a. Interactive b. Remote

5

ComputerName: DOMAIN/ServerName

The name of the computer the user is logged off to.

6

IpAddress: 192.168.1.10

The IP address of the computer the user is logged off to.

7

ScopeId: 2003

The scope id of Logoff operation a. 1003 for Interactive b. 2003 for Remote

8

ES-423

Troubleshooting reference code of this type of event.

Lock

Logon Operations Lock SamAccountName: DOMAIN/UserName, LogonType: Remote, ComputerName: DOMAIN/ComputerName, IpAddress: 192.168.1.10, ScopeId: 2002 ES-1069
Order
Value
Description

1

Logon Operations

Top Level Category Name

2

Lock

Second Level Category Name

3

SamAccountName: DOMAIN/UserName

SamAccountName of the locked user.

4

LogonType: Remote

Logon type of process. This area can be one of the following 2 logon type; a. Interactive b. Remote

5

ComputerName: DOMAIN/ServerName

The name of the computer the user is locked.

6

IpAddress: 192.168.1.10

The IP address of the computer the user is locked.

7

ScopeId: 2002

The scope id of Lock operation a. 1002 for Interactive b. 2002 for Remote

8

ES-1069

Troubleshooting reference code of this type of event.

Unlock

Logon Operations Unlock SamAccountName: DOMAIN/UserName, LogonType: Remote, ComputerName: DOMAIN/ComputerName, IpAddress: 192.168.1.10, ScopeId: 2001 ES-423
Order
Value
Description

1

Logon Operations

Top Level Category Name

2

Unlock

Second Level Category Name

3

SamAccountName: DOMAIN/UserName

SamAccountName of the unlocked user.

4

LogonType: Remote

Logon type of process. This area can be one of the following 2 logon type; a. Interactive b. Remote

5

ComputerName: DOMAIN/ServerName

The name of the computer the user is unlocked.

6

IpAddress: 192.168.1.10

The IP address of the computer the user is unlocked.

7

ScopeId: 2001

The scope id of Unlock operation a. 1001 for Interactive b. 2001 for Remote

8

ES-423

Troubleshooting reference code of this type of event.

PreviousSyslogNextAgent

Last updated 6 months ago