Security Basics mailing list archives
Storing Windows Event Logs.
From: "Nick Vaernhoej" <nick.vaernhoej () capitalcardservices com>
Date: Tue, 21 Oct 2008 10:41:51 -0500
Good morning,

We are currently capturing Windows Server 2003 event logs using Snare and Kiwi. It has been working smoothly and I recommend this for a simple, useful setup.

My question is in regard to the new event logs from Windows Server 2008. The new events can hold quite the lengthy explanation. Kiwi is set to only capture the first 1024 characters in an event, meaning half of all messages logged are cut in at least half. The important information is captured, so I am not overly concerned. I just don't appreciate the "mess" in the logs.

Is it time to look at a new product for off-server log storage? Is there someone out there who has tackled this in some way? Ideally I would like Windows Server 2008 to not provide its speculations within the event logs.

Thank you
Nick