Re: Managing Windows Event Logs
From: Pipes Cuchifrito (pipes_at_rapturesecurity.com)
Date: 06/24/03
- Previous message: Leo, Joel: "RE: Windows 2000 password policy"
- In reply to: Chuck Meeusen: "Managing Windows Event Logs"
To: Chuck Meeusen <cmeeusen@optonline.net>
Date: Mon, 23 Jun 2003 20:58:11 -0700
Check out,
http://ntsyslog.sourceforge.net
For gathering the logs.
I haven't used this past testing, but it seems to be stable enough.
As for archiving, I don't think you could go past
http://msyslog.sourceforge.net. I know this isn't an ideal solution for
Windows-centric networks, but if the shoe fits....
p
Chuck Meeusen writes:
> This discussion on event logs hits home for me. I'm attempting to
> build a system of gathering and archiving the event logs from a
> number (15 at present but must scale to 30-40) of NT and 2K
> servers.
> It's not pretty.
>
> My main source of information has been a document prepared for a
> SANS course called "Centralizing Event Logs on Windows 2000" by
> Greg Lalla. He scripts dumpevt.exe which I've found to be very
> effective and then bcp's the csv's into a SQL dbase.
>
> So I'm wondering what anyone else is doing to gather logs and
> archive?
>
> C.
Pipes
Rapturesecurity.com