AnsweredAssumed Answered

Grouping machines based upon loggedonuser

Question asked by Andrew Wild on Feb 17, 2020
Latest reply on Feb 21, 2020 by Rob Dewhirst

We have information from our Email Security Solution on the users that are most often targeted by email threats.  We'd like to use this list of highly targeted users and identify the computers on which they work to validate the security posture of these machines.  Rather than create a static group based upon the people we think are at high risk, we'd like to use the actual email threat information to dynamically update a list of high risk computers.

 

Has anyone done this? I think we could use the search token "lastloggedonuser", but am unclear as to how we should create this group of machines. Can we create an asset tag to group computers on which the targeted individuals were last logged on?

Outcomes