Clik here to view.
LogLogic Open Source Windows Log Collection Tool
Eric Fitzgerald posted information that LogLogic has made available an open-source log collection tool called Lasso for Windows logs. According to the LogLogic web site: Responding to customer...
View ArticleClik here to view.
Domain User Logon and Logoff Events
I had the need a few weeks ago to determine the logon and logoff times of users of our system. Fortunately we have the Windows server event logs captured. They are sent to a syslog server using...
View ArticleClik here to view.
Windows Logging Tools
Back in July Anton Chuvakin posted a List of Utilized Windows Logging Tools which contains a link to a list of Windows logging tools on the Security Catalyst Community Forums. OSSEC was mentioned; one...
View ArticleClik here to view.
Top 11 Reasons to Look at, Collect, and Preserve Your Logs
Anton Chuvakin has followed up his Top 11 Reasons to Collect and Preserve Computer Logs with the Top 11 Reasons to Look at Your Logs.
View ArticleClik here to view.
Links for October 27, 2008
Windows Syslog Agents Plus Splunk Richard Bejtlich (TaoSecurity) has been mulling strategies for putting Windows Event Logs into Splunk. From SecuiTeam: Microsoft Windows RPC Vulnerability MS08-067...
View ArticleClik here to view.
Links for October 29, 2008
Account auditing for group membership changes Six minute video by Dana Epps will show you how to quickly configure account auditing using the domain security policy and then use free Microsoft tools...
View ArticleClik here to view.
Links for November 12, 2008
MS08-068 and SMBRelay – Christopher Budd provides background on this update and why it took some seven years to release the security update. Couple good references from the latest MPUG mailing: MS...
View Article
