We have started monitoring the security logs on DC. We are tracking failed login attempts and account lockouts. We want to create a report for our customers to show them the numbers each month, or add this to our executive summary.
Is anyone else doing this? If so, how?
Hi! We would like to do the same. Please tell me about how you log the failed logins. Maybe I can help with the report?
We are monitoring for Failures on the security log. We are checking for events 4771 and 4770.