RE: audit trails for file access



I actually use NTSyslog to send my logs off to a syslog server, as I
found that Eventlog to Syslog would crash unexpectedly on our Citrix
servers. It also allows you a fair bit of customisation of your log
options which I've found quite useful. You can download it here:
http://sourceforge.net/projects/ntsyslog/.

On the syslog server side, I use syslog-ng to log to a MySQL database.
Syslog-ng is here:

http://www.balabit.com/products/syslog_ng/

For instructions on logging to a MySQL database, and to check through
the logs, php-syslog-ng has been pretty useful for me:

Download: http://www.phpwizardry.com/php-syslog-ng.php
Instructions for setup:
http://www.phpwizardry.com/demo/index.php?pageId=help

Hopefully that'll get you started on setting it up. Of course though,
you need a Linux/Unix box to send the logs to for the syslog option.



-----Original Message-----
From: Scott Liebergen [mailto:sliebergen@xxxxxxxxxxxx]
Sent: 06 January 2006 15:00
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: RE: audit trails for file access


In regards to logging to another machine, use the Eventlog to Syslog
Utility found here --->
https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys to
log to a syslog server.

Cheers,
-Scott


-----Original Message-----
From: Murad Talukdar [mailto:talukdar_m@xxxxxxxxxx]
Sent: Friday, January 06, 2006 1:15 AM
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: audit trails for file access

Hi,
I was wondering if there are any other file access/modification audit
trails generated apart from the ones which can be set through the
security/auditing tab for a folder's properties.

I want to know if there is any kind of logging done by default when a
2003 box is uhh, fresh out of the box.

Also, how can logs be sent to another machine for storage?



Kind Regards
Murad Talukdar








