Re: What to use for activity reporting?
From: Daniel Angelucci (angelucc@nospam.duke.edu)
Date: 10/24/02
- Next message: Eric Fitzgerald [MS]: "Re: Event ID 676 ???"
- Previous message: Paul Meiners: "Re: Admin Password change causes problem ?"
- In reply to: David Johnston: "What to use for activity reporting?"
- Next in thread: Karl Levinson [x y] MVP: "Re: What to use for activity reporting?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Oct 2002 20:16:04 -0400 From: Daniel Angelucci <angelucc@nospam.duke.edu>
M$ has a freebie called EventComb I use. It's cheap and exports log
info into a nice text file for manipulation.
There are some commercial products out there that are excellent, but my
boss enjoys seeing my forrowed brow as I comb through 300,000 security
events.
Sigh!
Dan
David Johnston wrote:
> What are people using for activity reporting? I frequently get these
> questions from upstairs:
>
> -how many logon failures have we had over the past x days?
> -when did Mary last log on?
>
> I guess other questions in this category. I would also like to be alerted
> of suspect logon activity. Short of sifting thru volumes of event log data,
> is there something out there that has a nice front end?
>
> Thanks!!!
>
> David Johnston
>
>
- Next message: Eric Fitzgerald [MS]: "Re: Event ID 676 ???"
- Previous message: Paul Meiners: "Re: Admin Password change causes problem ?"
- In reply to: David Johnston: "What to use for activity reporting?"
- Next in thread: Karl Levinson [x y] MVP: "Re: What to use for activity reporting?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
