Firewall Wizards mailing list archives
Re: NT log file format?
From: Joseph S D Yao <jsdy () cospo osis gov>
Date: Thu, 25 Mar 1999 18:10:43 -0500 (EST)
Anyone got any pointers to C code for dissecting NT log file formats under UNIX? Or is that pretty much an insane/inane idea?

The hard part about NT log files is that the event ID is stored as a number, and that number is pulled out of files on the NT box when it's viewed. So for example, if you install an application that logs to one of the NT logs, it will also install the files that are used to look up event IDs in.
This table is available in some documentation, either hardcopy or on a CD ROM. I remember I pulled it out for a security breach emulator (for a class). That code is owned by a USG group that ... doesn't exist any more. And I don't have it. But at least you know that the information exists.

--
Joe Yao jsdy () cospo osis gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-A/B
-----------------------------------------------------------------------
PLEASE ... send or Cc: all "COSPO/OSIS Computer Support" mail to sys-adm () cospo osis gov
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
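As an added illustration of the point discussed in this thread (not code from any poster or from the emulator mentioned above), the following C sketch reads one record of an NT event log on a non-NT host, assuming the EVENTLOGRECORD layout documented in the Win32 SDK headers. The names `evt_parse`, `struct evt` and `SAMPLE` are hypothetical, and the sample bytes are constructed. What comes out is the numeric event ID and the source name; the message text is not in the record and still needs the lookup table.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define EVT_HDR_LEN 56u          /* fixed-size part of EVENTLOGRECORD */
#define EVT_SIG     0x654c664cu  /* "LfLe" signature, little-endian */
struct evt {                     /* hypothetical holder, not an NT type */
    uint32_t record_no, time_generated, event_id;
    uint16_t event_type, num_strings;
    char     source[64];         /* source name narrowed to ASCII */
};

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t le32(const uint8_t *p) { return le16(p) | (uint32_t)le16(p + 2) << 16; }

/* Parse one record; returns its length, or 0 if truncated or malformed. */
size_t evt_parse(const uint8_t *buf, size_t avail, struct evt *out)
{
    if (avail < EVT_HDR_LEN + 4) return 0;
    uint32_t len = le32(buf);
    if (len < EVT_HDR_LEN + 4 || len > avail) return 0;
    if (le32(buf + 4) != EVT_SIG || le32(buf + len - 4) != len) return 0;
    out->record_no      = le32(buf + 8);
    out->time_generated = le32(buf + 12);  /* seconds since 1970 UTC */
    out->event_id       = le32(buf + 20);  /* a number only, no text */
    out->event_type     = le16(buf + 24);
    out->num_strings    = le16(buf + 26);  /* insertion strings */
    size_t i = 0;                /* source name: UTF-16LE after header */
    for (size_t off = EVT_HDR_LEN; off + 2 <= len - 4; off += 2) {
        uint16_t wc = le16(buf + off);
        if (wc == 0 || i == sizeof out->source - 1) break;
        out->source[i++] = wc < 0x80 ? (char)wc : '?';
    }
    out->source[i] = '\0';
    return len;
}

/* Constructed 72-byte sample (not from a real log): record 1, event ID
 * 529, type 16, source "Sec", computer "A", no strings, SID or data. */
static const uint8_t SAMPLE[72] = { 72, [4] = 'L','f','L','e', [8] = 1,
    [20] = 0x11, 0x02, [24] = 16, [56] = 'S',0,'e',0,'c',0, [64] = 'A', [68] = 72 };

int main(void)
{
    struct evt e;
    if (!evt_parse(SAMPLE, sizeof SAMPLE, &e)) return 1;
    printf("rec=%u id=%u type=%u src=%s\n", (unsigned)e.record_no,
           (unsigned)(e.event_id & 0xffff), (unsigned)e.event_type, e.source);
    return 0;
}
```

The length is stored at both ends of each record, so a parser can reject a truncated or corrupted record before trusting any offset inside it.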