Harvesting security event logs..

Toggle sidebar Toggle sidebar
I

imported_nerve

Senior member
Mar 17, 2005
572
1
0
Hi,

I was wondering if anyone harvests security audit records off of pc's on a domain?

I currently use a script that harvests and puts them in a text file. I review them weekly.

Does anyone have any solutions for this?

I am currently running a w2k server and will be moving to a 2k3 box soon.

Any help would be great.

Thanks

 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
If you have some Linux know how OSSEC HIDS can help with this.

For windows logs I've generally seen 3rd party syslog clients installed and pointed at a syslog server (generally running some *nix or proprietary software).
 

Chiefcrowe

Diamond Member
Sep 15, 2008
5,044
184
116
Thanks man, i will definitely check out eventlog xp!! i need something like this!

edit: on first use it looks pretty nice!!
 
W

WobbleWobble

Diamond Member
Jun 29, 2001
4,867
1
0
If your network is a bit larger, a commercial Security Information and Event Management (SIEM) such as ArcSight will do the trick. They're not cheap though.
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: WobbleWobble
If your network is a bit larger, a commercial Security Information and Event Management (SIEM) such as ArcSight will do the trick. They're not cheap though.
Click to expand...

Especially when you throw in the full time people necessary to keep it running well.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom
sale-70-410-exam    | Exam-200-125-pdf    | we-sale-70-410-exam    | hot-sale-70-410-exam    | Latest-exam-700-603-Dumps    | Dumps-98-363-exams-date    | Certs-200-125-date    | Dumps-300-075-exams-date    | hot-sale-book-C8010-726-book    | Hot-Sale-200-310-Exam    | Exam-Description-200-310-dumps?    | hot-sale-book-200-125-book    | Latest-Updated-300-209-Exam    | Dumps-210-260-exams-date    | Download-200-125-Exam-PDF    | Exam-Description-300-101-dumps    | Certs-300-101-date    | Hot-Sale-300-075-Exam    | Latest-exam-200-125-Dumps    | Exam-Description-200-125-dumps    | Latest-Updated-300-075-Exam    | hot-sale-book-210-260-book    | Dumps-200-901-exams-date    | Certs-200-901-date    | Latest-exam-1Z0-062-Dumps    | Hot-Sale-1Z0-062-Exam    | Certs-CSSLP-date    | 100%-Pass-70-383-Exams    | Latest-JN0-360-real-exam-questions    | 100%-Pass-4A0-100-Real-Exam-Questions    | Dumps-300-135-exams-date    | Passed-200-105-Tech-Exams    | Latest-Updated-200-310-Exam    | Download-300-070-Exam-PDF    | Hot-Sale-JN0-360-Exam    | 100%-Pass-JN0-360-Exams    | 100%-Pass-JN0-360-Real-Exam-Questions    | Dumps-JN0-360-exams-date    | Exam-Description-1Z0-876-dumps    | Latest-exam-1Z0-876-Dumps    | Dumps-HPE0-Y53-exams-date    | 2017-Latest-HPE0-Y53-Exam    | 100%-Pass-HPE0-Y53-Real-Exam-Questions    | Pass-4A0-100-Exam    | Latest-4A0-100-Questions    | Dumps-98-365-exams-date    | 2017-Latest-98-365-Exam    | 100%-Pass-VCS-254-Exams    | 2017-Latest-VCS-273-Exam    | Dumps-200-355-exams-date    | 2017-Latest-300-320-Exam    | Pass-300-101-Exam    | 100%-Pass-300-115-Exams    |
http://www.portvapes.co.uk/    | http://www.portvapes.co.uk/    |