in order to collect who is logging on to Server via Remote Sessions and event subscription can be created with the following XML filters
*[System[(EventID=4624 or EventID=4625)]] and *[EventData[Data[@Name=’LogonType’] and Data=10]]
in order to collect who is logging on to Server via Remote Sessions and event subscription can be created with the following XML filters
*[System[(EventID=4624 or EventID=4625)]] and *[EventData[Data[@Name=’LogonType’] and Data=10]]