Sysadmin Paul

Guides on all things sysadmin and tech related

  • Azure audit logs – Last user to logon to a computer

    May 1, 2023
    Azure AD, Scripts
    Azure audit logs – Last user to logon to a computer

    I had a requirement where I needed to obtain the last user that logged in to a specific computer. All of the machines I deal with are either Azure joined or Hybrid joined so all logon events are recorded into Azure AD automatically.

    Taking advantage of this I used the Microsoft Graph audit logs to allow me from PowerShell to obtain either the last user on a computer or show me a list of all logons for that device from the past 30 days.

    https://github.com/SysadminPaul/Scripts/blob/main/Azure/GetComputerLastLogon.ps1

    Azure, Azure AD, Microsoft Graph, PowerShell
    Previous

    Leave a Reply Cancel reply

    Your email address will not be published. Required fields are marked *

About

Hi I’m Paul. I’ve worked in the IT sector for 15+ years, this blog is a place for me to share guides/tutorials with a focus on M365, Azure, Docker, and PowerShell.

  • LinkedIn
  • GitHub

Recent Posts

  • Azure audit logs – Last user to logon to a computer
  • Report Intune Configuration Policies assigned to devices
  • What is Docker Compose?
  • Setup New Ubuntu Server
  • Beginners guide to Docker

Copyright © 2023 Sysadmin Paul