<snip>
>-----Original Message-----
>From: Brian Anon [mailto:brian_anon@private]
>Sent: Thursday, October 02, 2003 6:02 AM
>To: loganalysis@private
>Subject: [logs] Monitoring Windows Security Events
>
>I would appreciate hearing how others monitor events in their Windows
>security event logs in a large distributed network.
</snip>

You might look at Microsoft Operations Manager. Its specific mission is to monitor Event logs and other data sources in Windows environments, generate and consolidate alerts, load them into a SQL Server database, and present them on a console for action by administrators. It works via machine agents (remotely manageable and deployable) and intermediate consolidator/agent managers, so it scales well. Downside, it is quite pricey at list, but it would likely do what you are talking about.

John Campbell, CISSP, GCWN
Security Engineer
Washington School Information Processing Cooperative (WSIPC)
Everett, WA, USA

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis

This archive was generated by hypermail 2b30 : Thu Oct 02 2003 - 16:01:53 PDT