1. Windows security event log library
2. Windows Security Log Events

<QueryList>
  <Query Id="0" Path="Security">
    <Select Path="Security">*
      [System
        [
          band(Keywords,4503599627370496)
          and (EventID=4776)
          and TimeCreated[timediff(@SystemTime) &lt;= 3600000]
        ]
        and EventData[Data[@Name="TargetUserName"]="MyUser"]
      ]
    </Select>
  </Query>
</QueryList>

<QueryList>
  <Query Id="0" Path="Security">
    <Select Path="Security">*[
 
       System[(EventID=4624)]
 
     and
      EventData[Data[@Name='LogonType']='3']
 
and
     EventData[Data[@Name='AuthenticationPackageName']='NTLM']
 
]</Select>
    <Suppress Path="Security">
        *[EventData[(Data[@Name='TargetUserName'] = 'HealthMailbox07ac277')]] 
  </Suppress>
  </Query>
</QueryList>