Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: MS Audit logs

from [Sarbjit Singh Gill] Network Security [Permanent Link]
Subject: RE: MS Audit logs
Date: Wed, 24 May 2006 10:34:57 +0800 

Log Parser  from Microsoft.

-----Original Message-----
From: Davie Elliott - Eluse [mailto:delliott@eluse.co.uk]
Sent: Sunday, May 21, 2006 9:27 PM
To: security-basics@securityfocus.com
Subject: MS Audit logs

Hi everyone,

I'm a bit of a newbie administrator, and I have a quick question about
Microsoft windows audit logs.

Right now I have ticked every audit option in the main GPO, so I get tons of
audit objects to trawl through every week.
I was reading somewhere that MS Audit logs cycle or something so after 24
hours I have lost some audit objects.
Also, I don't really know what I'm looking for in the audits logs anyway...
except for maybe checking if some users accounts have been used when they
shouldn't have.

Anyways, I was wondering what software would be good for managing the audit
logs?... I think I read a blog from an MS employee saying someone should use
3rd party software for managing the audit logs instead of the built-in
windows thing.

Thanks for your help,

Davie.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  InfraGard 2006 Conference, lists@infostruct.net
Next by Date:  RE: Article: "Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security.", Angela and Donald
Previous by Thread:  RE: MS Audit logs, dave kleiman
Next by Thread:  RE: MS Audit logs, Hayes, Ian
Indexes:  [Date] [Thread] [Top] [All Lists]