IT Operations Discussions
All the up-time. All the nines.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

User Account Audit First and and last logoff events for a 3 month period.

marcusmartin
Path Finder
‎02-22-2021 01:49 AM

Hi i really could use some help, 

I need to produce a report for the first and last logon events for a couple users over a 3 month period. Does anyone have a nice search query string that i could pinch please. 

I can do basic searches in splunk but anything of any real particulars i struggle with.

 

any help would be fantastic, i have the Splunk App for windows infrastructure but for some reason the user audit part dashport just says waiting for input, even when i input a user its just stuck there.

 

Regards

Tags (1)
0 Karma
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...