RE: Deleting NT audits ?From: Chris Merkel (firstname.lastname@example.org)
- Previous message: Matthew.van.Eerde@hbinc.com: "RE: What port is this being used"
- Maybe in reply to: centipede: "Deleting NT audits ?"
- Next in thread: Frank Heyne: "Re: Deleting NT audits ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <3D1C775474CAD211942D00805FC7EB0B4C7CD5@wisconsinnt.geo-synthetics.com> From: Chris Merkel <email@example.com> To: 'centipede' <firstname.lastname@example.org>, email@example.com Subject: RE: Deleting NT audits ? Date: Tue, 14 Aug 2001 16:29:59 -0500
First keystroke logging, then remote share management, now logfile
Curious minds want to know - why would you want to alter audit logs?
I can see cleaning up server logs because of stupid Win2k boxes forcing
elections, or a service going nutty and filling up a log... but security
> -----Original Message-----
> From: centipede [mailto:firstname.lastname@example.org]
> Sent: Tuesday, August 14, 2001 12:49 PM
> To: email@example.com
> Subject: Deleting NT audits ?
> Is there a way to delete specific NT4.0 audits entries,
> without deleting
> the whole bunch ?
> Any text/gui builtin_functions/3rd_party_utilities would be great.
> Btw, has anyone tried manually editing those files with any success ?
> Thanks !