Liongard Library

Welcome to Liongard Library, where Lions share! This is a community-led space where Liongard users can come to teach and learn from one another.
Share custom Metrics, get inspired and see what’s trending in the Pride.

Pride Etiquette:
➕ Have great custom Metrics? Add them as entries!
🌟 Want to use a Metric? Copy the query and follow this doc.
👍 Tried a Metric from the Library? Like it!
📣 Have a question or feedback on a Metric? Add a comment!
🔎 Not sure where to start? Learn about Metrics and how to write them.
💬 Need help writing a metric or want to help support others? Join the conversation in our Liongard Lounge #metrics slack channel.


🥴 See something off? Open a support chat to let us know.

Add a new Metric entry Subscribe
Categories Active Directory
Created by Ben Jones
Created on Jul 7, 2021

RELATED METRIC

Active Directory: User Accounts With Brute Force Attempts List (Not disabled)

This works in conjunction with the User Accounts with Brute Force Attempts count.

Inspector Active Directory
Query

Users[?AnomalousActivity.contains(@,`Brute Force`) && UserStatus == `Active`].join(``, [UserName, `, Bad Login Attempts:`, to_string(BadLogonCount), `,Last Bad Password Attempt:`, to_string(LastBadPasswordAttempt)]) | join(` | `, @, )
  • Attach files