You can extract the list of events that a certain application is using from the event message file for that certain application (AD is a Windows component but nevertheless just an "application" as far as logging is concerned). The message file contains just the event id and the "template" of the event description. Since the message files are in binary form, you can only access them via the Microsoft event logging API. See http://www.eventid.net/show.asp?DocId=22 for details. I would recommend that you start by monitoring all the events and add or exclude them as you go. Adrian Grigorof www.eventid.net > Does anyone has list of Active Directory Events and brief description of > each event. Here I want to analyze the events, Will be using LASSO tool > to convert events from event log format to syslog format, write down > some parsing rules to parse these events and then set alerts and > reports. > > So I want to understand all different kind of events generated by active > directory first and hence looking out for list of events. If anyone has > such list please forward me to abhaylog@private _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Wed May 31 2006 - 22:06:05 PDT