Hello Neemobeer,
Thanks for the replay.
We have a use case in the environment which needs to collect interactive logon on the PCs.
Also, considering normal scenario in which we want to check if any service user account is getting used for interactive log on. It is essential to have interactive logon type in logs. In this case, it is not possible to check each and every PC, also wa can not integrate such PCs in the SIEM as the quantity on logs will be huge and unnecesary.
Thus, I am looking for a way to get such infomartion from AD itself as all PCs communicate with AD for authentication.
Regards,
Ameer Mane
Sent from my Moto G (4) using Tapatalk