OS Logon Logs

You can access this page from the Monitoring > OS Logon Logs tab. This page lists the authentication logs made in RDP and console connections. In the log list, you can view the Date, Username, Message, and Status information of each OS Logon log. In the top right corner, you can quickly switch between Audit, Radius, Proxy, OWA, ADFS, OS Logon, and User Portal logs. You can also update the log list by clicking the refresh button located below these options. Additionally, you can search and filter OS Logon logs.

To learn more about an OS Logon log, you can click the magnifying glass icon on the right side of the OS Logon log. When you review the log details, you will see the following information:

Date: Displays the date and time the log was generated. Username: Displays the user that generated the log. Message: Contains a description of the log.

Log Level: Displays the severity of the log. The levels are as follows:

• INFO: Refers to successful operations.

• WARNING: Refers to failed operations.

Sam Name: Displays the SAM name of the user that generated the log. End User IP: Displays the IP address of the user who generated the log. Source Country: Indicates the country of the generated log. Authentication Result: Displays the success status of the user's authentication. First Authentication Result: Displays the result of the user's first authentication attempt. Second Authentication Result: Displays the result of the user's second authentication attempt. Authentication Method: Displays the authentication method used by the rule that triggered the log. Agent Version: Displays the agent's version. Agent Hostname: Displays the server name where the agent is installed. Connection Type: Shows the connection type of the log.

Created OS Logon Logs are listed in the Monitoring > OS Logon Logs tab.