Merge pull request #15 from microsoft/kmyrup/configmgr-hub-selfhost/kmyrup/02565212-ff32-403d-afdd-83a1f7eb3ef6

Pull request with type [CREATE] for user [kmyrup] and object type [Script] - titled [Who's doing Interactive Logon]

Who's doing Interactive Logon.ps1

@@ -0,0 +1,7 @@
+$ComputerLocalHost = Get-Content env:computername
+$UserProperty = @{n="User";e={(New-Object System.Security.Principal.SecurityIdentifier $_.ReplacementStrings[1]).Translate([System.Security.Principal.NTAccount])}}
+$TypeProperty = @{n="Action";e={if($_.EventID -eq 7001) {"Logon"} else {"Logoff"}}}
+$TimeProperty = @{n="Time";e={$_.TimeGenerated}}
+$MachineNameProperty = @{n="MachineName";e={$_.MachineName}}
+
+Get-EventLog System -Source Microsoft-Windows-Winlogon -ComputerName $ComputerLocalHost | select $UserProperty, $TypeProperty,$TimeProperty,$MachineNameProperty