I am new to InTust and I am trying to setup a rule that sends an alert when someone fails to logon for either a bad password or a bad username. The issue is that the logs come in entirely under insertion string 1 and Event ID 0. I have used the 3 parameters thus far. Threshold for the 3 attempts, Time Period, and Keys to define the failed logon message within the field. I need it to now read the username written in that same field. If someone could help me out I would greatly appreciate it. Thank you!
- Products
- Solutions
- View all Solutions
- Industries
- Platforms
- Cloud Management
- Data Protection
- Database Management
- GDPR Compliance
- Identity & Access Management
- Microsoft Platform Management
- Performance Monitoring
- Unified Endpoint Management
- Resources
- Trials
- Services
- Support
- Partners
- Blogs
- Forums