Security Basics mailing list archives

Re: Central Win2000 auditing logs

From: Birl <sbirl () temple edu>
Date: Thu, 19 Jun 2003 11:55:41 -0400 (EDT)

sgay:  Date: Wed, 18 Jun 2003 19:25:20 -0400
sgay:  From: Stephen Gay <sgay () ellijay com>
sgay:  To: security-basics () securityfocus com
sgay:  Subject: Re: Central Win2000 auditing logs
sgay:
sgay:  Scott,
sgay:
sgay:  Yup, another dept in my organization maintain a linux server specifically
sgay:  for logging. I'll look more into the NTsyslog tool you spoke of; do you have
sgay:  postive feedback to go with it?
sgay:
sgay:  Thanks,
sgay:  Stephen



Aye.  The latest version, 1.13 (download from SourceForge) is pretty easy
to install and configure.

There's 1 rather important bug which the creator needs to fix.  Seems to a
buffer issue that only happens from time to time.

Otherwise, I have it running on serveral servers.


 Scott Birl
 Senior Systems Administrator            Computer Services   Temple University
 1805 North Broad Street  Philadelphia   Pennsylvania 19122  United States
====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====*



sgay:  ----- Original Message -----
sgay:  From: "Birl" <sbirl () temple edu>
sgay:  To: <security-basics () securityfocus com>
sgay:  Sent: Wednesday, June 18, 2003 4:31 PM
sgay:  Subject: Re: Central Win2000 auditing logs
sgay:
sgay:
sgay:  > sgay:  Date: Wed, 18 Jun 2003 13:32:18 -0400
sgay:  > sgay:  From: Stephen Gay <sgay () ellijay com>
sgay:  > sgay:  To: security-basics () securityfocus com
sgay:  > sgay:  Subject: Central Win2000 auditing logs
sgay:  > sgay:
sgay:  > sgay:  Hello,
sgay:  > sgay:
sgay:  > sgay:  Does anyone have any experience with centrally locating Windows2000 log
sgay:  > sgay:  files, for disaster recovery sake?
sgay:  > sgay:
sgay:  > sgay:  What I have in mind is a dedicated server with a large storage array, that
sgay:  > sgay:  holds the log files for all of the servers in a company. I know that
sgay:  > sgay:  Windows2000 doesn't have this capacity built in, but I've heard that 3rd
sgay:  > sgay:  party vendors offer products that do this.
sgay:  > sgay:
sgay:  > sgay:  More importantly, has anyone ever done this with a Perl script or reliable
sgay:  > sgay:  freeware?
sgay:  > sgay:
sgay:  > sgay:  Thanks for any help or advice,
sgay:  > sgay:  Stephen Gay
sgay:  >
sgay:  >
sgay:  >
sgay:  > Have a UNIX server to log to?  You could use NTsyslog, which is free.

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Current thread:

Central Win2000 auditing logs Stephen Gay (Jun 18)
- Re: Central Win2000 auditing logs Birl (Jun 18)
  - Re: Central Win2000 auditing logs Stephen Gay (Jun 19)
    - Re: Central Win2000 auditing logs Birl (Jun 19)
- Re: Central Win2000 auditing logs Anders Reed Mohn (Jun 19)
- Re: Central Win2000 auditing logs ATD (Jun 24)
- <Possible follow-ups>
- Re: Central Win2000 auditing logs Damon McMahon (Jun 19)
- FW: Central Win2000 auditing logs David Olivier (Jun 19)
- RE: Central Win2000 auditing logs Ben Collins (Jun 19)