RE: [logs] About Windows NT/2000 logs

From: Steve Wray (steve.wrayat_private)
Date: Fri Mar 08 2002 - 18:46:52 PST

  • Next message: Kenji Yamamoto: "Re: [logs] About Windows NT/2000 logs"

     
    > > Now I ask you, why couldn't this have been an
    > > option for the event log?
    > 
    > I think Marcus Ranum covered that quite nicely and
    > concisely already.  The binary format is less for
    > security and more for internationalization.
    
    The key word is 'option'.
    
    
    > > Is there any chance that the perl module can be
    > > set up as a plugin of some sort to log the
    > > events to a text file?
    > 
    > Sure.  The Win32::Lanman module has a method that
    > listens for new Events to be generated.  This, or WMI,
    > could be used quite easily to log to text files.
    
    
    I've been looking over that mailout by Tina just now,
    it looks like there are some promising options.
    I guess that I missed some peoples points in previous
    emails thru ignorance of NT type systems.
    
    
    
    
    ---------------------------------------------------------------------
    To unsubscribe, e-mail: loganalysis-unsubscribeat_private
    For additional commands, e-mail: loganalysis-helpat_private
    



    This archive was generated by hypermail 2b30 : Fri Mar 08 2002 - 19:37:26 PST