Hi ,
Q : Is there a way to Pull Through Relevance An Analysis to view IF [Event Viewer ID] was created Last day or so with {Log_Name ; Source & User (ID=4741 for example) ::
exists records whose (event id of it = 4741) of event log “A computer account was created” and (now - time generated of it < 1day)) of system event log
or
(time generated of it, description of it) of records whose (event id of it = 8015 and (now - time generated of it < 1day)) of system event log