Re: Event Logs

From: K.V (KV_at_discussions.microsoft.com)
Date: 01/29/05

• Next message: ambharish: "Re: Inheritable/Can Propagate ?"
• Previous message: K.V: "Re: Event Logs"
• In reply to: Steven L Umbach: "Re: Event Logs"
• Next in thread: Steven L Umbach: "Re: Event Logs"
• Reply: Steven L Umbach: "Re: Event Logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 29 Jan 2005 06:05:02 -0800

Thanks Steven, i read about the tools. The first one from foundstone says its
for windows NT and IIS. Will it work with Windows 2000 server logs and
Windows server 2003 logs ?

Also, how can we know what data the event log contains ? Like for example
when i were to use dumpel to export the event logs to database, th enumber of
columns coming were not consistent all the time.

So i thought i should start at the root. First knowing what data the event
log contains? Like for example there might be a standard like for a any give
event the event log contains "X" pieces of data!.

Thanks
K.V

"Steven L Umbach" wrote:

> A couple come to mind. Ntlast from Foundstone and PsLogList from
> SysInternals as shown in the links below.. --- Steve
>
> http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/proddesc/ntlast.htm
> http://www.sysinternals.com/ntw2k/freeware/psloglist.shtml
>
> "K.V" <KV@discussions.microsoft.com> wrote in message
> news:F222B4CC-2186-48F7-8304-2DD0C4F26BAB@microsoft.com...
> > Can someone suggest a good tool i can use to dump event (especially
> > security)
> > log information from our DC (only one at this time) to a file (text, csv,
> > etc..) so i can import that information in to a Database.
> >
> > Thanks
> > K.V
>
>
>

• Next message: ambharish: "Re: Inheritable/Can Propagate ?"
• Previous message: K.V: "Re: Event Logs"
• In reply to: Steven L Umbach: "Re: Event Logs"
• Next in thread: Steven L Umbach: "Re: Event Logs"
• Reply: Steven L Umbach: "Re: Event Logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: been hit by hacker, servudaemon installed ... >Every single one of the web servers and internet server ... >Windows, Apache, you name it. ... >commands they entered in your IIS server logs. ... (microsoft.public.inetserver.iis.security) Re: been hit by hacker, servudaemon installed ... Every single one of the web servers and internet server operating systems ... Windows, Apache, you name it. ... commands they entered in your IIS server logs. ... (microsoft.public.inetserver.iis.security) Re: Winvnc hack! [25 KB] ... came in from a service such as IIS that logs IP address. ... Check your IIS ... Some firewall software such as ... You can also use the NETSTAT -A command that comes with Windows to look at ... (microsoft.public.win2000.security) Re: Storing passwords ... passwords themselves are generally not stored in plaintext unless you have ... called SAM [unless the computer is joined to a Windows 2000 Active Directory ... before a firewall and antivirus have been installed]. ... not discovered until after an intrusion, when the logs ... (microsoft.public.win2000.security) Re: Performance counters and logs - inadvertent wipeout? ... Manage System Monitor Counters in Windows XP ... >| message saying that my Performance counters and logs had been removed, ... >| Can I get these counters and logs back, ... (microsoft.public.windowsxp.perform_maintain)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint