Chrissy LeMaire shows us several ways to track who has connected to your SQL Server instance:
Using the default trace is pretty lightweight and backwards compatible. While I generally try to avoid traces, I like this method because it doesn’t require remote access, it works on older SQL instances, it’s accurate and reading from the trace isn’t as CPU-intensive as it would be with an Extended Event.
Click through for details on this as well as three other methods, along with the dbatools glue to make it work.