RE: Event Log Monitor

["Ross, George" <george.ross () atlahq org>]

Do you have information on how your doing the forensics work, some
examples or explaination.  I'm not a SQL person so I may need some help
in this area, I do have people who are SQL people and can go to them if
I have a little understanding and examples of how you are accomplishing
this.  Any help at all would be great!

-----Original Message-----
From: Dinis Cruz [mailto:dinis () ddplus net] 
Sent: Friday, August 20, 2004 3:46 AM
To: Ross, George
Cc: security-basics () securityfocus com
Subject: RE: Event Log Monitor


I would also recommend this product (GFI S.E.L.M). I have used it
several times in the past and even created some advanced SQL queries
(using Pivot tables and Data Cubes) which allow me to do security
forensics (and trace, for example, individual user's actions).

Best regards

Dinis Cruz
.Net Security Consultant
DDPlus

> -----Original Message-----
> From: Ross, George [mailto:george.ross () atlahq org]
> Sent: 18 August 2004 13:24
> To: chammett () dpsolutions com; security-basics () securityfocus com
> Subject: RE: Event Log Monitor
>
> Look at GFI they have a product that is well priced. www.gfi.com 
> LANGUARD PRODUCTS - Security Log Monitor, it does more than security 
> logs.
>
> -----Original Message-----
> From: Charles J. Hammett Jr. [mailto:chammett () dpsolutions com]
> Sent: Monday, August 16, 2004 3:57 PM
> To: security-basics () securityfocus com
> Subject: Event Log Monitor
>
>
> Can someone point me in a direction on software that will monitor the 
> Event logs within a Windows enviroment. The servers will be in 
> different domains within our NOC and i want to monitor all event logs 
> for any critical events. SMS, Email and Paging would be and added 
> feature.
>
> thanks in advance
> --
> Charles J. Hammett Jr.
> A+ Net+ INet+ Security+ Server+ MCSA MCSE CCEA
> chammett () dpsolutions com
> Data Processing Solutions Inc.
> Your Total Solution Provider
> http://www.dpsinet.com
> P. 410.720.3300 X 123
>
>
> ----------------------------------------------------------------------
> --
> ---
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
> off
> any course! All of our class sizes are guaranteed to be 10 students or
> less
> to facilitate one-on-one interaction with one of our expert
instructors.
> Attend a course taught by an expert instructor with years of 
> in-the-field pen testing experience in our state of the art hacking 
> lab. Master the skills
> of an Ethical Hacker to better assess the security of your
organization.
> Visit us at: 
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ----------------------------------------------------------------------
> --
> ----
>
>
> ----------------------------------------------------------------------
> ----
> -
> Computer Forensics Training at the InfoSec Institute. All of our class
> sizes
> are guaranteed to be 12 students or less to facilitate one-on-one
> interaction with one of our expert instructors. Gain the in-demand
skills
> of
> a certified computer examiner, learn to recover trace data left behind
by
> fraud, theft, and cybercrime perpetrators. Discover the source of
computer
> crime and abuse so that it never happens again.
>
> http://www.securityfocus.com/sponsor/InfoSecInstitute_security-
> basics_040817
> ----------------------------------------------------------------------
> ----
> --



---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040817
----------------------------------------------------------------------------