Security Basics mailing list archives

Re: Auditing XP event security logs

From: "Rob Creely" <programmingart () gmail com>
Date: Sat, 2 Dec 2006 00:28:08 -0500

Hi List,

Hi Gary.

I am aiming to monitor the useage of local admin accounts that I have
set up on 40 machines. I have turned on auditng for the machines via
group policy, and events seem to be logging OK. However I would like to
automatically consolidate the logs into one central location, possibly
an SQL database for ease of reference and historical purposes, and if
possible produce some stats from them ( in a graph if possible, for
management) e.g amount of times logged in on a particular day/week etc.

Does anyone know of any tools that can help me achieve this? Ideally I
am looking for free tools.


Check out Snare(free GPL): http://www.intersectalliance.com/projects/index.html
Check out Kiwisyslog(freeware): http://www.kiwisyslog.com/syslog-info.php

Cheers.

--Rob

Current thread:

Auditing XP event security logs Gary Collis (Dec 01)
- RE: Auditing XP event security logs Ramki B (Dec 04)
- RE: Auditing XP event security logs Patrick Wade (Dec 04)
- Security policies - few questions! Faheem SIDDIQUI (Dec 04)
  - RE: Security policies - few questions! Greg Jones (Dec 06)
  - RE: Security policies - few questions! David A. Coursey (Dec 06)
- Re: Auditing XP event security logs Rob Creely (Dec 04)
- Re: Auditing XP event security logs Jon Wallace (Dec 04)
- <Possible follow-ups>
- Re: Auditing XP event security logs jws226 (Dec 04)
- RE: Auditing XP event security logs Kevin Taylor (Dec 04)