Event Log Management

Logs .. Logs and More Logs

Security Log Resource

This week has been a busy one for me.  I have had several web training sessions and 2 onsite training sessions with customers this week.  A question came up during one of the onsites this week and I thought I would share it.  The question was where did I get all my knowledge about the Windows Event Log and the various Event IDs.

The answer is a simple 2-part answer. Part 1 –> Repetition, repetition, repetition.  I have been analyzing event logs for more than 3 years now and before that I was a Sys Admin.  Looking at the events day in and day out, you tend to get them stuck in your head.  Part 2 –> Resources such as the information that I’ve learned from reading Randy F. Smith’s book and reviewing his course documentation and visiting his web site: www.ultimatewindowssecurity.com.  I have put a link to a new feature on Randy’s site, WinSecWiki, under my Blogrolls.  I also attend his webinars to get more info.  Randy has good insight into the Security log.  I have also had several conversations with Randy.

From time to time I will contribute to Randy’s Wiki; I will be posting under my first name on his site.

If anyone has any questions about Windows Events or the Windows Audit Policy, feel free to ask.


January 17, 2008 - Posted by | Audit Policy, Event Log, Log Management
