I want to configure a stream/alert that would notify me when a single user connects to multiple machines in a short amount of time. A search or graph would also be useful, but I’d prefer an alert, something like this: https://answers.splunk.com/answers/221765/users-logging-windows-on-two-machines-at-the-same.html
I’m already getting Event ID 4624; I just can’t create a proper search.
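
As an added example (not part of the original post and not tied to any particular log platform), the detection asked for here can be written as a sliding-window check over 4624 logon events: alert when one user appears on several distinct hosts within the window. The field names (`ts`, `user`, `host`, `logon_type`), the 5-minute window and the 3-host threshold are assumptions, and the events are constructed sample data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real logs). Field names are assumptions;
# map them to whatever your 4624 extraction actually produces.
EVENTS = [
    {"ts": "2024-05-01T09:00:00", "event_id": 4624, "user": "alice", "host": "WS01", "logon_type": 2},
    {"ts": "2024-05-01T09:00:00", "event_id": 4624, "user": "bob", "host": "WS01", "logon_type": 3},
    {"ts": "2024-05-01T09:00:10", "event_id": 4624, "user": "WS01$", "host": "DC01", "logon_type": 3},
    {"ts": "2024-05-01T09:00:20", "event_id": 4624, "user": "SYSTEM", "host": "WS02", "logon_type": 5},
    {"ts": "2024-05-01T09:01:30", "event_id": 4624, "user": "alice", "host": "WS02", "logon_type": 3},
    {"ts": "2024-05-01T09:02:00", "event_id": 4634, "user": "alice", "host": "WS04", "logon_type": 3},
    {"ts": "2024-05-01T09:03:00", "event_id": 4624, "user": "alice", "host": "WS03", "logon_type": 10},
    {"ts": "2024-05-01T09:10:00", "event_id": 4624, "user": "bob", "host": "WS02", "logon_type": 3},
    {"ts": "2024-05-01T09:20:00", "event_id": 4624, "user": "bob", "host": "WS04", "logon_type": 3},
]

def multi_host_logons(events, window=timedelta(minutes=5), threshold=3,
                      logon_types=(2, 3, 10)):
    """Return one alert per burst where a user hits >= threshold hosts in window."""
    recent = defaultdict(deque)  # user -> (time, host) pairs still inside the window
    alerting = set()             # users already alerted for the current burst
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        # Only successful logons of interactive (2), network (3) or RDP (10) type.
        if ev["event_id"] != 4624 or ev["logon_type"] not in logon_types:
            continue
        user = ev["user"]
        if user.endswith("$"):   # machine accounts log on everywhere; skip them
            continue
        now = datetime.fromisoformat(ev["ts"])
        q = recent[user]
        q.append((now, ev["host"]))
        while now - q[0][0] > window:  # expire logons older than the window
            q.popleft()
        hosts = {h for _, h in q}
        if len(hosts) >= threshold:
            if user not in alerting:   # suppress repeats while the burst continues
                alerting.add(user)
                alerts.append({"user": user, "time": ev["ts"], "hosts": sorted(hosts)})
        else:
            alerting.discard(user)
    return alerts

if __name__ == "__main__":
    for alert in multi_host_logons(EVENTS):
        print(alert)
```

Logon type 3 is noisy on file servers and domain controllers, so in practice the threshold or an allowlist of service accounts usually needs tuning against your own baseline.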