Re: Microsoft Audit Collection System

From: Mike Lyman (mikelyman-security_at_comcast.net)
Date: 07/20/04

  • Next message: Kirk Foutts: "RE: Browser Vulns"
    Date: Tue, 20 Jul 2004 14:55:03 -0500
    To: focus-ms@securityfocus.com
    
    

    travis.abrams@hklaw.com wrote:

    > I have "played" with the Release Candidate and I like it. It was a
    > little complicated in getting it setup. One thing I recently found out
    > is that MS is not creating a front-end application to query the data. So
    > you will have to create one or purchase one from another vendor.

    Since it reports to SQL Server you should have Query Analyzer available.
    Another good way to work it is creating view that you can routinely pull
    into Excel for its filtering ability.

    In three or four years working with IDSes, Query Analyzer and views
    imported to Excel proved to be better tools than any of the IDS
    GUIs/Consoles.

    -- 
    Mike Lyman, CISSP
    mikelyman-security@comcast.net
    "You can't take the sky from me"
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    

  • Next message: Kirk Foutts: "RE: Browser Vulns"