RE: [logs] Windows Event Logs

From: Eric Fitzgerald (ericf@private)
Date: Fri Apr 08 2005 - 15:57:53 PDT


Here's the raw data for Windows Server 2003.

Eric


-----Original Message-----
From: loganalysis-bounces+ericf=windows.microsoft.com@private
[mailto:loganalysis-bounces+ericf=windows.microsoft.com@private]
On Behalf Of Pauls, Nicole
Sent: Thursday, April 07, 2005 4:34 PM
To: loganalysis@private
Subject: RE: [logs] Windows Event Logs

Muhammad Khan wrote:
> 
> I want to make a timeline analysis of various activities done on a PC.
> I want to explore what kind of information the Windows Security event 
> log can provide. Can anyone provide me the details of the information 
> stored in the security event log. I shabe greatful.

Microsoft's documentation for Windows Server 2003 (XP is very similar):

http://www.microsoft.com/resources/documentation/WindowsServ/2003/standa
rd/pr
oddocs/en-us/APtopnode.asp

For Windows 2000, check article ID 299475 and 310677:
http://support.microsoft.com/kb/299475/EN-US/
http://support.microsoft.com/kb/301677/EN-US/

For NT4, there's another link under article ID 174074 entitled "Security
Event Descriptions":
http://support.microsoft.com/default.aspx?scid=kb;en-us;174074&sd=tech

HTH

--
nicole pauls, cissp-issap, issmp
TriGeo Network Security
www.trigeo.com
_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis



_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis



This archive was generated by hypermail 2.1.3 : Fri Apr 08 2005 - 18:57:57 PDT