Security Basics mailing list archives
RE: MS Audit logs
From: Sarbjit Singh Gill <ssgill () gilltechnologies com>
Date: Wed, 24 May 2006 10:34:57 +0800
Log Parser from Microsoft. -----Original Message----- From: Davie Elliott - Eluse [mailto:delliott () eluse co uk] Sent: Sunday, May 21, 2006 9:27 PM To: security-basics () securityfocus com Subject: MS Audit logs Hi everyone, I'm a bit of a newbie administrator, and I have a quick question about Microsoft windows audit logs. Right now I have ticked every audit option in the main GPO, so I get tons of audit objects to trawl through every week. I was reading somewhere that MS Audit logs cycle or something so after 24 hours I have lost some audit objects. Also, I don't really know what I'm looking for in the audits logs anyway... except for maybe checking if some users accounts have been used when they shouldn't have. Anyways, I was wondering what software would be good for managing the audit logs?... I think I read a blog from an MS employee saying someone should use 3rd party software for managing the audit logs instead of the built-in windows thing. Thanks for your help, Davie.
Current thread:
- MS Audit logs Davie Elliott - Eluse (May 23)
- RE: MS Audit logs dave kleiman (May 23)
- <Possible follow-ups>
- RE: MS Audit logs Sarbjit Singh Gill (May 24)
- RE: MS Audit logs Hayes, Ian (May 24)
- RE: MS Audit logs Nick Vaernhoej (May 25)
- RE: MS Audit logs Daniel Cid (May 29)