Skip to main content
Question

Logon logoff event logging to SQL

A
Forum|alt.badge.img+10

Hello,
Currently we are undergoing a security initiative where we must meet certain security requirements. One of these requirements is the logging of all logon/logoff events. We have a mixed environment of Windows and Macintosh. I have already got this setup for our Windows environment by utilizing Event Collector on Windows Server 2012 R2, where the Windows client systems are submitting their logs to the collector, and then on the collector server I use a PowerShell script to move the events to a SQL database. This meets the requirements.

But I am supposed to implement the same for our Mac environment. I need to collect the logon/logoff events and store them in SQL.

I am curious if anyone else is doing this, and if so, how you are doing it.

Thanks,
Aaron.

    2 replies

    A
    Forum|alt.badge.img+10
    • aamjohns
    • Author
    • Valued Contributor
    • 214 replies
    • July 9, 2014

    I stumbled on this, and I am looking at it now. But this looks like it might be in the right ballpark. Is anyone using this?
    http://it.bmc.uu.se/andlov/proj/adm/whoson/
    http://it.bmc.uu.se/andlov/proj/adm/whoson/macosx/
    http://it.bmc.uu.se/andlov/proj/adm/whoson/sql/

    A
    Forum|alt.badge.img+10
    • aamjohns
    • Author
    • Valued Contributor
    • 214 replies
    • July 9, 2014

    My apologies if this is off topic for JAMF forum. I posted here because I thought I may be utilizing features offered in Casper and also, in case anyone else has to go down this road.

    Aside from what I posted above, it also appears that I could potential utilize policy execution with the login/logout hooks. A custom script to write information to the SQL database should suffice. I've learned some scripting but this will be new territory for me to 1) encrypt the connection and 2) configure connecting to a MS SQL server and 3) recording the proper information.

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings