Accessing eventlogs remotely & Analysis of them
From: Mathew Davies (mathew.davies_at_ipt-ltd.co.uk)
Date: 01/12/04
- Previous message: Sergey V. Gordeychik: "RE: Accessing eventlogs remotely on W2K3 Server"
- Next in thread: Tevfik Karagülle: "Re: Accessing eventlogs remotely & Analysis of them"
- Reply: Tevfik Karagülle: "Re: Accessing eventlogs remotely & Analysis of them"
Date: Mon, 12 Jan 2004 11:18:01 -0000
To: <focus-ms@securityfocus.com>
I use a program to send all our Windows system events to
a central Linux syslog server. Currently I run the old
logcheck package on it hourly to try and spot anything
important, as well as manually viewing them. But I was
wondering if anyone knew of a better package to run for
the automated analysis of Windows events on a Linux
syslog server, as logcheck really isn't geared toward it.
This isn't intended to remove the manual review of the logs,
just to be a good addition to it and help to spot trends.
-Mat