Walter, > I am trying to retrieve logs from a Windows > server > but could not find any info on the same. > Any pointers? I guess my first question is, what are you looking for? You could access the drive and copy the .evt files. You could use psloglist.exe or WMI to retrieve the entries. You could install a syslog client and have the logs sent off of the system to a waiting syslog server. Perhaps if you could clarify what you're looking for a bit, it would help some... ===== ------------------------------------------ Harlan Carvey, CISSP "Windows Forensics and Incident Recovery" http://www.windows-ir.com http://windowsir.blogspot.com ------------------------------------------ _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Mon Jan 24 2005 - 09:44:54 PST