I am trying to extract Logs from event viewer security log. I am trying to find the easiest way. I believe using Powershell to get this data is the easiest way. I am trying to get a nice excel document on employee logons to a server. The event codes i need are 4985 and 5140. They typically login using Citrix Xenapp. What I need is the Subject details to show. The security ID or Account name would be an easy way to identify a user.
I can get the event logs using Get-Eventlog using this command. What i need is the account name or security ID of specific user, otherwise that other data would be useless for me.