Search Knowledge Base

LogClarity® has been designed for real world scenarios and demands by security professionals in enterprise environments so you can find the event instantly with limited information you have available. The possibilities of scenarios of what you need to find in your security logs are endless. Our solution provides the framework for highly intuitive and powerful searches. Here are some examples:

Real World Scenarios

• Find events when a change has been made to a group policy object.
• Find events when a specific group policy got applied to an OU.
• Find where the object was deleted or moved from.
• Find events when a user account was locked out.
• Find events when a user edited the permissions of an object.
• Search by time scope.
• Search by description.
• Search by Event ID.
• Search by location.
• Search by old object names.
• Find events by the GUID of the object.
• Find events when a mailbox gets assigned to a user.
• Find events when a mailbox gets removed from a user.

Activity Logs - Real World Scenarios

• Find the events when any user has made changes to a specific object.
• Find the events when a specific user has made changes to any object.
• Find the events when a specific user has made changes to a specific object.
• Find the events when any user in a specific OU has made any changes to any object.
• Find the events when any user has made any changes to any object in a specific OU.
• Find the events when any user in a specific OU has made any changes to any objects in a specific OU.
• Find the events when a user object was created.
• Find the events when a user object was moved to another OU.
• Find the events when a user object was deleted.
• Find the events when a user has been added to a group.
• Find the events when a user has been removed from a group.
• Search events by type of object edited.
• Search events by attribute modified.

Logon Logs - Real World Scenarios

• Find all users who logged onto a specific computer.
• Find all users who failed to log onto a specific computer.
• Find all computers that a specific user has logged into.
• Find all computers that a specific user failed to log onto.
• Find the events when a specific user has logged onto a specific computer.
• Find the events when a specific user failed to log onto a specific computer.
• Find the events when users from a specific OU logged onto any computer.
• Find the events when users from a specific OU has failed to log onto any computer.
• Find the events when any user has logged onto any computers in a specific OU.
• Find the events when any user has failed to log onto any computer in a specific OU.
• Find the events when users from a specific OU has logged into any computers in a specific OU.
• Find the events when users from a specific OU has failed to log onto any computer in a specific OU.
• Search logons by IP Address.