Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Focus on Microsoft
Centralizing Event Viewer Logs Jan 29 2008 07:51PM
Ron Johnson - Adhost (ron adhost com) (2 replies)
RE: Centralizing Event Viewer Logs Jan 30 2008 12:17AM
Wayne S. Anderson (wfrazee wynweb net) (2 replies)
RE: Centralizing Event Viewer Logs Jan 31 2008 09:34AM
Lars Berntzon (Lars Berntzon xelerated com) (1 replies)
Re: Centralizing Event Viewer Logs Feb 01 2008 07:31PM
Kosala Atapattu (kosala atapattu gmail com)
RE: Centralizing Event Viewer Logs Jan 30 2008 04:50PM
Wayne S. Anderson (wfrazee wynweb net)
RE: Centralizing Event Viewer Logs Jan 29 2008 08:41PM
James Winzenz (James Winzenz Pulte com)
One free option I have heard of is KiwiSyslog Log Viewer - kinda played
with it a bit, but we have one of the $$ enterprise solutions here, so
there was no point for me. Here are some questions you may want to ask
regarding log solutions:

1. What am I looking to get out of my event logs?
2. How many systems will I be collecting from and how many are windows
servers?
3. Reporting and alerting options
4. capacity (both number of systems as well as capacity in terms of
number of events collected)
5. Am I doing this to be proactive or as a result of an audit finding?
6. How much am I willing to spend on a product?

This may help determine what you really need. Google yields the
following other results, which MAY be less expensive than those
*enterprise* products, depending on your answer to #2. Keep in mind, I
do not know what the capacity of these solutions are.

EventSentry
AdventNet Eventlog Analyzer
Prism EventTracker
Dorian Total Event Log Management Suite
FSPro Event Log Explorer

Thanks,

James Winzenz
Infrastructure Engineer - Security
Pulte Homes Information Services

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
On Behalf Of Ron Johnson - Adhost
Sent: Tuesday, January 29, 2008 12:51 PM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Centralizing Event Viewer Logs

Hello List:

I was looking into options that will allow us to centralize Event Viewer
Logs in an Active Directory domain - can anyone recommend any software
for this? It would be great if we could find a piece of software that
does just this - not a full blown enterprise security solution that
cost$ and does many other things that we wouldn't use it for
necessarily.

Thanks!

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by email and delete the message and any file attachments from your computer. Thank you.

[ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus