‎04-05-2017 03:49 PM
Solved! Go to Solution.
‎04-14-2017 11:14 AM
Three solutions that work for us to find "Logon Type: 3" events:
- The filter below returns more unwanted results, if "3" is mentioned elsewhere in the events, but is the simplest filter and compatible with SQL Compact and SQL Server databases.
Where tblNtlogMessage.Message Like '%logon type:%3%'- The filter below uses SubString and CharIndex to isolate the "3" after "Logon type:" and is compatible with SQL Compact and SQL Server databases.
Where SubString(tblNtlogMessage.Message, CharIndex('logon type:',
tblNtlogMessage.Message) + 13, 1) = '3' And tblNtlogMessage.Message Like
'%logon type:%'- The filter below specifically looks for tabs in the string, but is only compatible with SQL Server databases. SQL Compact doesn't recognize the Char(9) function that identifies tabs.
Where tblNtlogMessage.Message Like '%' + 'logon type:' + Char(9) + Char(9) + '3' + '%'
You can see which database server you're using in the Configuration\Your Lansweeper License section of the web console. We'll post our answer on the forum as well. Just for future reference: we do not guarantee a response on the forum. If you require input from us, be sure to contact us via email.
‎04-18-2017 11:31 AM
‎04-14-2017 11:14 AM
Three solutions that work for us to find "Logon Type: 3" events:
- The filter below returns more unwanted results, if "3" is mentioned elsewhere in the events, but is the simplest filter and compatible with SQL Compact and SQL Server databases.
Where tblNtlogMessage.Message Like '%logon type:%3%'- The filter below uses SubString and CharIndex to isolate the "3" after "Logon type:" and is compatible with SQL Compact and SQL Server databases.
Where SubString(tblNtlogMessage.Message, CharIndex('logon type:',
tblNtlogMessage.Message) + 13, 1) = '3' And tblNtlogMessage.Message Like
'%logon type:%'- The filter below specifically looks for tabs in the string, but is only compatible with SQL Server databases. SQL Compact doesn't recognize the Char(9) function that identifies tabs.
Where tblNtlogMessage.Message Like '%' + 'logon type:' + Char(9) + Char(9) + '3' + '%'
You can see which database server you're using in the Configuration\Your Lansweeper License section of the web console. We'll post our answer on the forum as well. Just for future reference: we do not guarantee a response on the forum. If you require input from us, be sure to contact us via email.
‎04-11-2017 08:29 AM
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now