Event Log Management and Maintenance Strategies
eventlogs.com

Strategies
What are ways in which today's network and security professionals can proactively use the event log to promote a safe and secure Windows enterprise?


Event Log Management and the Secure Network
Before any network security strategy can benefit from the event log, the log first has to be tamed. Log files - whether the security log or another log type - grow very large very quickly. What needs to be accomplished before you reap the benefits of the event log?

Monitoring Event Logs
While IDS and other external security options have grown in popularity, network administrators still have to agree that most security threats aren't outside the network - they're right down the hall. Here are ways the event log can be used to detect external, internal, and network health threats.

Auditing Event Logs
If you are already reliably collecting your event logs into an event log database, you've accomplished more than a great many network security professionals in IT departments across the globe have. But now that you have all of these log files stored away in a central database, what are some of the things you need to sift through the log files for?

Event Correlation
One of the challenges facing Windows network administrators is making the logical connections between event log entries and other network phenomena. One form of correlation - the correlation of event log and syslog data - is becoming an increasingly critical component of security strategies.