security log _event id 538/540 - TechRepublic
General discussion
March 4, 2003 at 10:19 PM
travisr

security log _event id 538/540

by travisr . Updated 23 years, 4 months ago

I can’t find an answer to this anywhere. How does a file server log events for users connecting to resources? Does the server log a logon event every time a user opens a file in a directory, or should it just log one event for the intitial authentication within a certain time period?
I am seeing a tremendous amount of logon and logoff events for certain user id’s in a very short period of time.
Thanks,

This discussion is locked

All Comments