Event Log Management

Logs .. Logs and More Logs

Security Log Resource

This week has been a busy one for me. I have had several web training sessions and 2 onsite training sessions with customers this week. A question came up during one of the onsites this week and I thought I would share it. The question was where did I get all my knowledge about the Windows Event Log and the various Event IDs.

The answer is a simple 2-part answer. Part 1 –> Repetition, repetition, repetition. I have been analyzing event logs for more than 3 years now and before that I was a Sys Admin. Looking at the events day in and day out, you tend to get them stuck in your head. Part 2 –> Resources such as the information that I’ve learned from reading Randy F. Smith’s book and reviewing his course documentation and visiting his web site: www.ultimatewindowssecurity.com. I have put a link to a new feature on Randy’s site, WinSecWiki, under my Blogrolls. I also attend his webinars to get more info. Randy has good insight into the Security log. I have also had several conversations with Randy.

From time to time I will contribute to Randy’s Wiki; I will be posting under my first name on his site.

If anyone has any questions about Windows Events or the Windows Audit Policy, feel free to ask.

January 17, 2008 - Posted by | Audit Policy, Event Log, Log Management