RE: Centralizing Event Viewer Logs



Take a look at Event Tracker from Prism Microsystems. It's pretty
extensive as far as what it can do, so it may be more than you are
looking for, but it's worth a visit: http://www.prismmicrosys.com
Brad

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Ron Johnson - Adhost
Sent: Tuesday, January 29, 2008 12:27 PM
To: Kurt Buff
Cc: focus-ms@xxxxxxxxxxxxxxxxx
Subject: RE: Centralizing Event Viewer Logs

Thanks for all the quick input folks. I will definitely look into each
solution.


-Ron

-----Original Message-----
From: Kurt Buff [mailto:kurt.buff@xxxxxxxxx]
Sent: Tuesday, January 29, 2008 12:24 PM
To: Ron Johnson - Adhost
Cc: focus-ms@xxxxxxxxxxxxxxxxx
Subject: Re: Centralizing Event Viewer Logs

There are several alternatives, but I've settled on the Kiwisoft
syslog server (the free version is fine, but the pay version is cheap
and does some very nice extra things) and the IntersectAlliance Snare
syslog client. The Snare client takes each event entry, formats it to
a single line, then sends it to the syslog server. Install it on each
of your machines for which you are monitoring event logs, and it works
nicely.

On Jan 29, 2008 11:51 AM, Ron Johnson - Adhost <ron@xxxxxxxxxx> wrote:
Hello List:

I was looking into options that will allow us to centralize Event
Viewer
Logs in an Active Directory domain - can anyone recommend any software
for this? It would be great if we could find a piece of software that
does just this - not a full blown enterprise security solution that
cost$ and does many other things that we wouldn't use it for
necessarily.

Thanks!


Email Disclaimer: http://www.co.marin.ca.us/nav/misc/EmailDisclaimer.cfm



Relevant Pages

  • RE: Centralizing Event Viewer Logs
    ... Subject: Centralizing Event Viewer Logs ... syslog client. ... then sends it to the syslog server. ...
    (Focus-Microsoft)
  • Re: Centralizing Event Viewer Logs
    ... Linux ext2 FS has the acl to allow logfiles only to opens ... protects the collected logs on the syslog server from even the admins. ... Subject: Centralizing Event Viewer Logs ...
    (Focus-Microsoft)
  • RE: Centralizing Event Viewer Logs
    ... How does one then protect the syslog server from tampering? ... protects the collected logs on the syslog server from even the admins. ... Subject: Centralizing Event Viewer Logs ...
    (Focus-Microsoft)
  • RE: Centralizing Event Viewer Logs
    ... great on my local servers so after a while I tried it on a server at my ... Subject: Centralizing Event Viewer Logs ... then sends it to the syslog server. ...
    (Focus-Microsoft)
  • Re: Centralizing Event Viewer Logs
    ... Behalf Of Ron Johnson - Adhost ... Subject: Centralizing Event Viewer Logs ... I was looking into options that will allow us to centralize Event Viewer ...
    (Focus-Microsoft)