Hi community, any idea you have to be able to detect the duration of an RDP session, I have used rules considering the correlation of login and logoff/disconnected events but I have not been able to achieve it, has anyone tried this use case before?
Will appreciate your advice, thanks!
