I've been doing some security checkups and am trying to track down a orphaned service account for something trying to logon from the server veeam one is also running on. I am noticing there is an absolutely huge amount of security events from veeam one for logons. So many so that I can't even fit a full day of logs with the default event log viewer settings. I get 2-3 messages every 2-3 seconds, all the time, and I don't even have veeam one console interface running.
Mainly it is:
- Logon was attempted using explicit credentials
- Account was logged off
- Special privledges assigned
Is there a way this could be cut down? I know this would have to be a technical change on veeam's end as this is not specifically due to veeam but windows logging veeam doing it's thing. Not having 1 full day of logs is annoying - I have a log management program, but it's not as easy to read as windows event viewer (and certainly not as fast).