scotgabriel/FailedLogons.ps1

## FailedLogons.ps1
# Powershell to get last 2 collected entries from Forwarded Events log having ID of 4625 (failed logon)
get-winevent -filterhashtable @{logname = 'ForwardedEvents'; id = 4625} -maxevents 2 | format-table -wrap -autosize
	# Powershell to get last 2 collected entries from Forwarded Events log having ID of 4625 (failed logon)
	get-winevent -filterhashtable @{logname = 'ForwardedEvents'; id = 4625} -maxevents 2 \| format-table -wrap -autosize