Exhange logs into the event logs for most issues. UNless you are talking about SMTP and HTTP. Then this services are logged as protocol specific logs. Cheers Gill ---- Original message ---- >Date: Tue, 25 Jan 2005 20:03:53 -0800 (PST) >From: Walter <walter_100@private> >Subject: Re: [logs] Retrieving logs from Windows server >To: loganalysis@private > >Hello everyone, > First of all thank you everyone for your answers. >This is truly a great list! > >Another question, on the same lines any way to retrive >Microsoft Exchange logs? >Thanks! >Walter > >--- Harlan Carvey <keydet89@private> wrote: > >> Walter, >> >> > I am trying to retrieve logs from a Windows >> > server >> > but could not find any info on the same. >> > Any pointers? >> >> I guess my first question is, what are you looking >> for? >> >> You could access the drive and copy the .evt files. >> You could use psloglist.exe or WMI to retrieve the >> entries. You could install a syslog client and have >> the logs sent off of the system to a waiting syslog >> server. >> >> Perhaps if you could clarify what you're looking for >> a >> bit, it would help some... >> >> >> >> ===== >> ------------------------------------------ >> Harlan Carvey, CISSP >> "Windows Forensics and Incident Recovery" >> http://www.windows-ir.com >> http://windowsir.blogspot.com >> ------------------------------------------ >> > > > > >__________________________________ >Do you Yahoo!? >Yahoo! Mail - Easier than ever with enhanced search. Learn more. >http://info.mail.yahoo.com/mail_250 >_______________________________________________ >LogAnalysis mailing list >LogAnalysis@private >http://lists.shmoo.com/mailman/listinfo/loganalysis Sarbjit Singh Gill ssgill@private _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Thu Jan 27 2005 - 13:54:41 PST