Have you ever thought of monitoring who else tried to log on to your PC or user account behind you, now you can monitor the login details on your Windows PC.
你有没有想过监控其他试图登录到你身后的电脑或用户帐户的人,现在你可以监控你的 Windows 电脑上的登录细节。
Either it happened on PC or via any Network; you can get more detail about how and when who tried to log on to your PC. You must be aware of many software which try different passwords to gain access to your account, you can always have strong monitoring on these attacks.
无论是在电脑上还是通过任何网络,你都可以获得更多关于谁如何以及何时试图登录到你的电脑的细节。你一定知道有很多软件会尝试不同的密码来访问你的帐户,你可以随时有强大的监控这些攻击
You can do all these just in few minute. So let’s start with setting up monitoring.
您可以在几分钟内完成所有这些工作
How to enable Login audit/Log for your Windows
如何为您的 Windows 启用登录审计/日志
You can set up Audit of Log in attempts and record in your windows by editing group policy. You need to provide Administrator Permission to access the group policy and Event viewer. 您可以设置日志审计尝试和记录在您的窗口编辑组策略。您需要提供管理员权限来访问组策略和事件查看器
Step 1 第一步
Hit Start Button and type ‘gpedit.msc’ and hit enter once you find it. Provide the access permission.
点击开始按钮,键入‘ gpedit.msc’,找到后按回车键。提供访问权限
Step 2 第二步
Navigate as follow 按照以下方式导航
Computer Configuration – Windows Settings – Security Settings – Local policies – Audit policies
计算机配置-Windows 设置-安全设置-本地策略-审计策略
On Clicking Audit policies, you’ll see some list in right hand main windows area. Locate the ‘Audit Login event’ and double click on it.
单击 Audit 策略,您将在右侧主窗口区域中看到一些列表。找到“稽核登入事件”并双击它
Step 3 第三步
Now you’ll notice which option to audit, check on Success and failure both. This means whenever a successful or failed attempt will be made, it will be audited in even log. Click
现在你会注意到要审核哪个选项,检查成功和失败。这意味着,每当尝试成功或失败时,它都将被审计为偶数日志。点击
Apply/OK. 申请/确定
How to View Login Records
如何查看登入纪录
You can check the login attempt or log record whenever you wish to. Again you need to be admin of the PC. To check the logs, you need to go to Event Viewer. 您可以随时检查登录尝试或日志记录。再次你需要管理的 PC。要检查日志,您需要转到事件查看器
Hit start button and Type 点击开始按钮并键入‘event viewer’ 事件查看器from start menu click on it and provide the permission if it ask so. 从开始菜单单击它,并提供权限,如果它要求这样做
In event viewer, navigate as follows 在事件查看器中,按如下方式导航
Windows log – security Windows 日志安全性
In right side, you can view strings like Audit success/Audit failure. 在右侧,您可以查看类似于 Audit success/Audit failure 的字符串
Clicking on each will tell you when and who tried to login to your PC. 点击每个链接都会告诉你何时以及谁试图登录你的电脑
Audit success is for Successful Login attempt 审计成功是指成功的登录尝试
Audit failure is for Failed login Attempt. 审计失败是由于登录尝试失败
You can check it frequently and if you want more detail, click on any of the list item, you’ll see more你可以经常检查它,如果你想要更多的细节,点击任何列表项目,你会看到更多
Security ID, Account name, Account domain, network etc for the login user. You can find and manage the protocol accordingly.
登录用户的安全 ID、帐户名、帐户域、网络等。您可以相应地查找和管理协议。