Hello Paul,
ATA is an on-premises platform that detects multiple suspicious activities, and helps protect your enterprise from attacks. I think it can't totally fulfill your requirements.
However, ATA builds a profile for each user and computer in the network. you can leverage it for collecting the required information.
In the user profile ATA displays general information, such as group membership, recent logins, and recently accessed resources.
In the computer profile, ATA displays general information, such as recently logins and recently accessed resources.
You can search for a specific user, computer or groups from the search bar in ATA Console.
Best regards,
Andy Liu
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact
tnmff@microsoft.com.