RE: [logs] Best practice events to watch for

From: Eric Fitzgerald (ericfat_private)
Date: Tue Jan 07 2003 - 16:47:39 PST

  • Next message: Eric Fitzgerald: "RE: [logs] Windows Event Log Analysis"

    All of them :-)  We didn't put anything in the security log that we did
    not think had value.
    
    Eric
    
    -----Original Message-----
    From: Robyn Bailey [mailto:robyn_baileyat_private] 
    Sent: Sunday, January 05, 2003 3:55 PM
    To: loganalysisat_private
    Subject: [logs] Best practice events to watch for
    
    
    Is there a list of best practice events for specific systems to watch
    for anywhere? 
    
     
    
    e.g.
    
     
    
    Windows 2000
    
    Field     Search string
    Threshold          
    
    Reason "unknown username or bad password"                 3
    
    
     
    
     
    
    Thanks
    
    Robyn Bailey
    
     
    
     
    
    This email and any attachments are subject to copyright.  They may also
    contain confidential information.  This email and any attachments may
    not be distributed, reproduced, copied, stored or transmitted in any
    form or by any means, without the prior written consent of Bridge Point
    Communications Pty Ltd ABN 29 083 424 668. Any personal information in
    this email must be handled in accordance with the Privacy Act 1988
    (Cth). Emails may be interfered with, may contain computer viruses or
    other defects and may not be successfully replicated on other systems.
    Bridge Point Communications Pty Ltd gives no warranties in relation to
    these matters. If you have any doubts about the authenticity of an email
    purportedly sent by us, please contact Bridge Point Communications Pty
    Ltd immediately.
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
    



    This archive was generated by hypermail 2b30 : Wed Jan 08 2003 - 08:49:23 PST