Security Basics mailing list archives
RE: Monitoring of Admin logins
From: "Petter Bruland" <pbruland () fcglv com>
Date: Tue, 10 Apr 2007 10:25:08 -0700
You might be able to do this by using Evtsys and a syslog server. On the syslog server you would have to setup some sort of triggered event based on the incoming syslog event. Evtsys - https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys Syslog server - http://www.kiwisyslog.com/index.php !*!* Not sure if the free Kiwi syslog server will be able to send emails etc based on the syslog message it receives. Anyway, we'll probably see some other solutions from this list that will work better. -Petter -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Sohail Sarwar Sent: Tuesday, April 10, 2007 9:26 AM To: security-basics () securityfocus com Subject: Monitoring of Admin logins Hi there, I am assuming this have been done, but how ? I would like to get notified when a user logs in to my domain as an admin (Administrator) I have several people who are using the admin account, and I would like to setup something so that it notifies me via and email that a specific person has logged in to the domain controller or windows 2003 servers as the administrator. I guess something like who the user is and from where.. Is there such a thing ? Thanks, Sohail
Current thread:
- Re: Audit Windows files/folders, (continued)
- Re: Audit Windows files/folders Noaman Khan (Apr 04)
- RE: Audit Windows files/folders James Winzenz (Apr 05)
- Re: Audit Windows files/folders Tornado (Apr 09)
- RE: Audit Windows files/folders Scott Ramsdell (Apr 09)
- Re: Audit Windows files/folders Rob Creely (Apr 10)
- Re: Audit Windows files/folders TStark (Apr 10)
- RE: Audit Windows files/folders J.M. Seitz (Apr 10)
- Message not available
- Fwd: Audit Windows files/folders kevin fielder (Apr 11)
- RE: Audit Windows files/folders Scott Ramsdell (Apr 09)
- Re: Audit Windows files/folders Noaman Khan (Apr 04)
- Monitoring of Admin logins Sohail Sarwar (Apr 10)
- RE: Monitoring of Admin logins Petter Bruland (Apr 10)
- RE: Monitoring of Admin logins Dixon, Wayne (Apr 10)
- Re: Monitoring of Admin logins Buz Dale (Apr 10)
- Re: Monitoring of Admin logins Steven Adair (Apr 11)
- Re: Monitoring of Admin logins Steven Hollingsworth (Apr 11)