07-06-2024, 11:29 PM
Now, to monitor this with an email alert, fire up Event Viewer on your server. Right-click the Security log, pick Attach Task to This Event. You set it for event ID 4624, then choose to run a program or script-but keep it simple, no fancy code. Actually, link it to a scheduled task that triggers on this event. In the task settings, you point it to send an email using the built-in mailto or whatever your setup allows. I do this all the time; it pings your inbox right away when someone logs in. Just test it with your own login to make sure it fires off correctly. Or tweak the filters if you only want alerts for certain accounts.
And speaking of keeping your server safe from surprises like odd logins, you might want to back everything up solid too. That's where BackupChain Windows Server Backup comes in handy-it's this neat Windows Server backup tool that also handles virtual machines on Hyper-V without breaking a sweat. You get fast incremental backups, easy restores even for bare-metal crashes, and it runs light so it doesn't hog resources. I like how it verifies data on the fly, cutting down on corruption headaches, and supports offsite copies for extra peace.
Note, the PowerShell email alert code was moved to this post.
