Audit Logon EventsOn Windows Server Based Network

UserLock records and reports on every session access event, enabling IT teams to perform accurate and detailed auditing on all activity across the whole Windows Server based network.

User Logon Auditing far beyond native Windows reporting

Simply logging all access logon events is not sufficient to protect an organization’s infrastructure from malicious activity and security breaches.

By centralizing and archiving all events across the whole Windows Server based network, UserLock offers comprehensive reports and detailed insights on all session activity. Accurate information is available about who was connected, from which system(s), since what time, for how long, etc.

  • Significantly reduce the time and cost spent on tracking and auditing all employee network access.
  • Perform accurate auditing and detailed IT forensics to support internal analysis and legal investigations.
  • Provide access audit data necessary for compliance with major industry regulations, including HIPAA, NIST 800-53, Sarbanes-Oxley, PCI, NIPSOM Chapter 8…

Windows Logon Events

UserLock records all access events into an ODBC (Microsoft Access, SQL Server, MySQL) database for reporting. Comprehensive, detailed reports can be generated automatically (and emailed) at regular intervals.

The predefined reports include:

Session history

Detailed connection list (logon, lock, unlock, logoff instances, users, domains, workstations, etc.)

Session Statistics

Displays total login, total connection time and average time per session for a given user and period

Agent Distribution

View of the agent installation status on all computers of the protected network zone

User sessions

Snapshot view of all concurrent logins at display time

Session count evolution

View of the evolution of all opened sessions

Wifi/VPN sessions

View of the history, statistics and a chart displaying the evolution of the number of Wifi/VPN sessions


Printable version of dashboard

Video tutorial

Watch how UserLock allows IT to easily report and audit on all user logon events.

Ensuring user accountability for any malicious activity

By putting in place logon event auditing, organizations understand they can review logs after an incident to support IT forensics. However by not controlling concurrent logins a whole accountability and non-repudiation issue is created.

Only by eliminating concurrent logins – as is the case with UserLock – can an organization accurately identify search, report and archive user access and make a user accountable for any malicious activity.