Friday 30 April 2010

Windows: Trace recent RDP sessions

Install Log Parser 2.2.

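Create a bat file like this (change the server name accordingly):
@echo off
cls
rem Switch to the Log Parser install folder, where the .sql file is saved
c:
cd "c:\Program Files\Log Parser 2.2\"
rem Query the remote Security log and show the rows in a grid window
logparser.exe file:TSLoginsDetails_More.sql?source=\\server\Security -o:DATAGRID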

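Create a SQL file named TSLoginsDetails_More.sql in the Log Parser folder. Event ID 682 is the "session reconnected to winstation" event in the Security log of pre-Vista systems such as Server 2003 (later Windows versions log it as 4778), and its Strings field carries the user name, client name and client address at positions 0, 4 and 5: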

SELECT
      timegenerated,
      EXTRACT_TOKEN(Strings,0,'|') AS User,
      EXTRACT_TOKEN(Strings,4,'|') AS ClientName,
      EXTRACT_TOKEN(Strings,5,'|') AS ClientAddress
FROM %Source%
WHERE EventID=682
ORDER BY timegenerated desc

Run the bat file as an administrator.
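
For reviewing more than a screenful of event 682 rows, the query output can be post-processed to group sessions by user and source address and put unexpected sources first. This is an added example, not part of the original post: it assumes the bat file is run with -o:CSV instead of -o:DATAGRID and the output saved, with Log Parser's default timestamp format; the sample rows, the `summarize` function and the trusted network range are constructed for illustration.

```python
import csv
import io
import ipaddress
from collections import defaultdict
from datetime import datetime

# Constructed sample of the query's output saved as CSV (assumed -o:CSV run).
SAMPLE_CSV = """timegenerated,User,ClientName,ClientAddress
2010-04-30 09:15:02,jsmith,WS-ACCT-07,10.1.4.22
2010-04-29 22:41:10,administrator,UNKNOWN-PC,203.0.113.45
2010-04-29 08:02:55,jsmith,WS-ACCT-07,10.1.4.22
2010-04-28 17:30:00,backup_svc,,
"""

def summarize(csv_text, trusted_nets=("10.0.0.0/8",)):
    """Group event 682 rows by (user, client address) and flag sources to review."""
    nets = [ipaddress.ip_network(n) for n in trusted_nets]  # assumed internal ranges
    groups = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        row = {k.strip().lower(): (v or "").strip() for k, v in row.items()}
        when = datetime.strptime(row["timegenerated"], "%Y-%m-%d %H:%M:%S")
        key = (row["user"].lower(), row["clientaddress"])
        groups[key].append((when, row["clientname"]))
    report = []
    for (user, addr), hits in groups.items():
        try:
            ip = ipaddress.ip_address(addr)
            status = "ok" if any(ip in n for n in nets) else "untrusted-source"
        except ValueError:
            status = "no-address"  # empty or unparsable ClientAddress field
        report.append({
            "user": user, "address": addr, "status": status,
            "count": len(hits),
            "last_seen": max(h[0] for h in hits),
            "clients": sorted({h[1] for h in hits if h[1]}),
        })
    # Two stable sorts: most recent first, then rows needing review on top.
    report.sort(key=lambda r: r["last_seen"], reverse=True)
    report.sort(key=lambda r: r["status"] == "ok")
    return report

if __name__ == "__main__":
    for r in summarize(SAMPLE_CSV):
        print(r["status"], r["user"], r["address"], r["count"], r["last_seen"])
```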
