About
My name is Isaac Thompson. I have worked in the IT field since the early 90s, with over 11 years as a System Admin and then some in Management. Since 2004 I have been working with log and event management, helping other Admins figure out exactly what all these logs mean. From 2004 to Jan of 2011 I worked for Prism Microsystems, working with EventTracker. After leaving Prism in Jan of 2011 I joined the team at LogRhythm. LogRhythm is doing things with log and event management that other vendors are struggling with (www.logrhythm.com). I have helped 100s of people with their event logs and audit policies. If you have any questions please feel free to leave a comment.
**Feb 14, 2011: Due to some unforeseen issues at Prism Microsystems I can no longer in good faith promote their product or services and I have removed all links to their website.
3 Comments »
I've read your post EVENT LOG MANAGEMENT, but at the next step I have problems because I can't see the description field (in your example '60')
3. Now do another Log Analysis and look for event id 560 and in the description field use the Handle ID value, which will produce the following…
Can you help me?
Thanks
Sorry, the name of the post is Tracking Down File Deletes
Maria,
In my example I’m using a product called EventTracker to view the events and not the Windows Event Viewer. That may be what is causing your problem.
Isaac