handling log files

["Kampanellis John" <ikampa () softlab ntua gr>]

Hi!

I have to design the security policy for a large company. The company has
a large number of Win2k boxes.
For the moment, I am trying to create a local security policy for the Win2k
workstations.

Among other things, I want to enable the auditing and event logs. I would
like to find a way to control the log files. To be more precise, I would
like to find a way to check if the log files size overpass a certain per
cent. In
that case, I would like to save them in a specific file and then clean them.

I imagine that I have to write some kind of script. However, I don't know
where to start.

Another thing is that I would like to keep a trace of people logging-on. We
are using
Microsoft's Active Directory. What I would like to do, is every time someone
logs on
in a machine (not precise) the login of that person to be written in a file.
Is there something
already out there or should I write a script?

Any help would be appreciate.

Thnx in advance.
John
---------------------------------------------------------
Hacking may be cool.....but securing is COOLER!



---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------