RE: [logs] Windows Event Logs

From: Pauls, Nicole (npauls@private)
Date: Thu Apr 07 2005 - 16:33:39 PDT


Muhammad Khan wrote:
> 
> I want to make a timeline analysis of various activities done 
> on a PC. 
> I want to explore what kind of information the Windows Security event 
> log can provide. Can anyone provide me the details of the information 
> stored in the security event log. I shabe greatful.

Microsoft's documentation for Windows Server 2003 (XP is very similar):

http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/pr
oddocs/en-us/APtopnode.asp

For Windows 2000, check article ID 299475 and 310677:
http://support.microsoft.com/kb/299475/EN-US/
http://support.microsoft.com/kb/301677/EN-US/

For NT4, there's another link under article ID 174074 entitled "Security
Event Descriptions":
http://support.microsoft.com/default.aspx?scid=kb;en-us;174074&sd=tech

HTH

-- 
nicole pauls, cissp-issap, issmp
TriGeo Network Security
www.trigeo.com
_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis



This archive was generated by hypermail 2.1.3 : Thu Apr 07 2005 - 16:36:13 PDT