-
Notifications
You must be signed in to change notification settings - Fork 105
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Converted Authentication log does not seem to be generated in all instances. #19
Comments
If you could provide the logs from a run that didn't generate the converted file that would assist in being able to determine what is failing. |
So I actually have an audit that ran for a user over the time period of 4/16/2019 thru 8/15/2019 that did not generate any logs. Changing the start date to 5/31 I then get Sanitized section of the log below - let me know if you need different logs. logs generated |
I've come into scenarios where the ip's are not looked up and no converted_authentication_log file is generated. Is there a reason/criteria for when this occurs? In a compromised account today, a search over the past 10 days did run through and create the logs however a search for the past 120 days did not.
On a related note it would be good to be able to search for logs between X and Y days such as 80-90 days ago to get more details if you knew from other experience that an account was compromised around a certain date in the past.
The text was updated successfully, but these errors were encountered: