Managing Windows Event Logs
From: Chuck Meeusen (cmeeusen_at_optonline.net)
Date: 06/20/03
- Previous message: David Stevens: "RE: Windows Event Logs"
- Next in thread: Depp, Dennis M.: "RE: Managing Windows Event Logs"
- Maybe reply: Depp, Dennis M.: "RE: Managing Windows Event Logs"
- Reply: Chris Lynch: "RE: Managing Windows Event Logs"
- Maybe reply: Joseph Kim - HQ: "RE: Managing Windows Event Logs"
- Reply: Pipes Cuchifrito: "Re: Managing Windows Event Logs"
Date: Fri, 20 Jun 2003 16:28:03 -0400
To: "focus-ms@securityfocus.com" <focus-ms@securityfocus.com>
This discussion on event logs hits home for me. I'm attempting to
build a system of gathering and archiving the event logs from a
number (15 at present but must scale to 30-40) of NT and 2K
servers.
It's not pretty.
My main source of information has been a document prepared for a
SANS course called "Centralizing Event Logs on Windows 2000" by
Greg Lalla. He scripts dumpevt.exe which I've found to be very
effective and then bcp's the csv's into a SQL dbase.
So I'm wondering what anyone else is doing to gather logs and
archive?
C.