[logs] Centralizing Audit Logging and Reporting

From: Brian Anon (brian_anonat_private)
Date: Thu May 02 2002 - 13:40:15 PDT


    I am in the process of creating a business case that may involve logging 
    system and application events to a central audit log database.  Once this is 
    done, I expect to be able to query the database to generate reports.
    
    I expect the most standard approach would be to implement SYSLOGD that logs 
    to an RDBMS (MS SQL or Oracle).
    
    Some of the systems and applications I may like to do this with are:
    Windows 2000 Servers
    CheckPoint Firewall-1
    IIS RealSecure Sensors
    McAfee NetShield
    McAfee VirusShield
    Microsoft IIS
    Microsoft Exchange
    Microsoft SQL
    Oracle
    Microsoft DNS
    Citrix MetaFrame
    Cisco PIX
    Cisco Routers
    Cisco Switches
    
    I am prepared to create scripts/agents that can grab an application log and 
    parse the information and input it into the database at scheduled intervals 
    or on-demand.  I understand each application may require a different table 
    structure.
    
    Has anyone tried to accomplish this?  Any suggestions or comments?
    
    Regards,
    Brian, CISSP
    
    



    This archive was generated by hypermail 2b30 : Thu May 02 2002 - 13:55:26 PDT
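
The scheduled parse-and-load agent described in the message above, as an added example that is not part of the original post. It assumes BSD-syslog shaped input and uses Python's built-in sqlite3 as a stand-in for the central MS SQL or Oracle database; the `events` table, its columns and the sample lines are constructed for illustration.

```python
import hashlib
import re
import sqlite3

# BSD-syslog shaped line: <PRI>Mmm dd hh:mm:ss host tag[pid]: message
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<app>[^:\[\s]+)(?:\[\d+\])?: (?P<msg>.*)$")

# One shared table for all sources; `raw` is always kept so nothing is lost.
SCHEMA = """CREATE TABLE IF NOT EXISTS events (
    line_id TEXT PRIMARY KEY, source TEXT NOT NULL, ts TEXT, host TEXT,
    app TEXT, facility INTEGER, severity INTEGER, message TEXT,
    raw TEXT NOT NULL)"""

# Constructed sample input, not taken from any real system.
SAMPLE = [
    "<38>May  2 13:40:15 fw01 sshd[412]: Failed password for root from 192.0.2.10",
    "<13>May  2 13:40:16 web01 app: user='x'); DROP TABLE events;--",
    "garbage line without a priority field",
]

def parse_line(raw):
    """Return the parsed fields, or None if the line is not syslog shaped."""
    m = SYSLOG_RE.match(raw)
    if m is None or int(m["pri"]) > 191:      # PRI is facility*8 + severity
        return None
    pri = int(m["pri"])
    return {"ts": m["ts"], "host": m["host"], "app": m["app"],
            "facility": pri >> 3, "severity": pri & 7, "message": m["msg"]}

def ingest(conn, source, lines):
    """Load lines into `events`; return how many rows were newly inserted."""
    conn.execute(SCHEMA)
    inserted = 0
    for lineno, raw in enumerate(lines, 1):
        raw = raw.rstrip("\r\n")
        f = parse_line(raw) or {}             # unparsed lines keep only `raw`
        # Key on source + position + content so a scheduled re-run of the
        # same file adds nothing, while repeated identical lines are kept.
        key = hashlib.sha256(f"{source}\0{lineno}\0{raw}".encode()).hexdigest()
        # Bound parameters only: log text is untrusted and never becomes SQL.
        cur = conn.execute(
            "INSERT OR IGNORE INTO events VALUES (?,?,?,?,?,?,?,?,?)",
            (key, source, f.get("ts"), f.get("host"), f.get("app"),
             f.get("facility"), f.get("severity"), f.get("message"), raw))
        inserted += cur.rowcount
    conn.commit()
    return inserted

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    print(ingest(db, "fw01:/var/log/messages", SAMPLE), "rows inserted")
```

Lines that do not match the pattern are stored with only `raw` populated, so a per-application parser can be added later without losing audit data.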