Forum Discussion
9 Replies
Sort By
Related Content
- 4 months ago
- 2 years agoAnonymous
- 2 months ago
We have a team that would like to get alerted on 20 consecutive failed logon attempts from a single account on any of our SQL servers in a 30 minute time frame. I started out using the eventsource for errors in the security event log and set it watch for EventID 4625. I am not very savvy with groovy and am now looking at setting up with a Powershell script via a new Datasource but I am having some trouble with it. If anyone has any ideas on how to best script this I would greatly appreciate the help!