I have seen a lot of people ask about this and have tried all the suggestions but I am unable to get this to work.
I am trying to cause a trigger if someone points in a wrong username or password on a Windows PC at least 4 times in the span of 3 minutes.
The item is successfully getting the events. If I do a trigger with {Template - Windows OS:eventlog[Security,,,,4625,,skip].logeventid(4625)}=1 this triggers successfully.
The trigger that is not working is {Template - Windows OS:eventlog[Security,,,,4625,,skip].count(180,4625)}>3
Any idea what is wrong with my second trigger? I have cause more than 4 wrong username/password events but it never triggers.
I am trying to cause a trigger if someone points in a wrong username or password on a Windows PC at least 4 times in the span of 3 minutes.
The item is successfully getting the events. If I do a trigger with {Template - Windows OS:eventlog[Security,,,,4625,,skip].logeventid(4625)}=1 this triggers successfully.
The trigger that is not working is {Template - Windows OS:eventlog[Security,,,,4625,,skip].count(180,4625)}>3
Any idea what is wrong with my second trigger? I have cause more than 4 wrong username/password events but it never triggers.
Comment