Security Basics mailing list archives
Re: Auditing XP event security logs
From: "Jon Wallace" <security () b69ca com>
Date: Sat, 2 Dec 2006 20:24:36 -0500
Hey Gary,Check out the PSTOOLS from SysInternals - http://www.sysinternals.com (a free collection of tools). One of the tools PSLOGLIST.EXE allows you to view the event logs of a machine, either locally or remotely. It would be possible to schedule this from one machine to routinely bring all your logs together.
You can also filter the events you want with this tool and have the option to clear the log when you have finished.
Give it a whirl, good luck. Regards, Jon Wallace----- Original Message ----- From: "Gary Collis" <onesl1fox () 27 eclipse co uk>
To: <security-basics () securityfocus com> Sent: Wednesday, November 29, 2006 12:46 PM Subject: Auditing XP event security logs
Hi List,I am aiming to monitor the useage of local admin accounts that I have set up on 40 machines. I have turned on auditng for the machines via group policy, and events seem to be logging OK. However I would like to automatically consolidate the logs into one central location, possibly an SQL database for ease of reference and historical purposes, and if possible produce some stats from them ( in a graph if possible, for management) e.g amount of times logged in on a particular day/week etc.Does anyone know of any tools that can help me achieve this? Ideally I am looking for free tools.Thanks,
Current thread:
- Auditing XP event security logs Gary Collis (Dec 01)
- RE: Auditing XP event security logs Ramki B (Dec 04)
- RE: Auditing XP event security logs Patrick Wade (Dec 04)
- Security policies - few questions! Faheem SIDDIQUI (Dec 04)
- RE: Security policies - few questions! Greg Jones (Dec 06)
- RE: Security policies - few questions! David A. Coursey (Dec 06)
- Re: Auditing XP event security logs Rob Creely (Dec 04)
- Re: Auditing XP event security logs Jon Wallace (Dec 04)
- <Possible follow-ups>
- Re: Auditing XP event security logs jws226 (Dec 04)
- RE: Auditing XP event security logs Kevin Taylor (Dec 04)