RE: [logs] Windows Event Logs

Previous message: Pauls, Nicole: "RE: [logs] Windows Event Logs"
Maybe in reply to: Muhammad Khan: "[logs] Windows Event Logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

ericf@private

Here's the raw data for Windows Server 2003.

Eric

-----Original Message-----
From: loganalysis-bounces+ericf=windows.microsoft.com@private
[mailto:loganalysis-bounces+ericf=windows.microsoft.com@private]
On Behalf Of Pauls, Nicole
Sent: Thursday, April 07, 2005 4:34 PM
To: loganalysis@private
Subject: RE: [logs] Windows Event Logs

Muhammad Khan wrote:
> 
> I want to make a timeline analysis of various activities done on a PC.
> I want to explore what kind of information the Windows Security event 
> log can provide. Can anyone provide me the details of the information 
> stored in the security event log. I shabe greatful.

Microsoft's documentation for Windows Server 2003 (XP is very similar):

http://www.microsoft.com/resources/documentation/WindowsServ/2003/standa
rd/pr
oddocs/en-us/APtopnode.asp

For Windows 2000, check article ID 299475 and 310677:
http://support.microsoft.com/kb/299475/EN-US/
http://support.microsoft.com/kb/301677/EN-US/

For NT4, there's another link under article ID 174074 entitled "Security
Event Descriptions":
http://support.microsoft.com/default.aspx?scid=kb;en-us;174074&sd=tech

HTH

--
nicole pauls, cissp-issap, issmp
TriGeo Network Security
www.trigeo.com
_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis