Collecting Security Logs to Central Server?
Windows Server Forum Index Windows Server
Server discussion on Windows platform.
 
 FAQFAQ   MemberlistMemberlist     RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 
 
Google
 
Web winserverhelp.com
Collecting Security Logs to Central Server?

 
Post new topic   Reply to topic    Windows Server Forum Index -> Security
Author Message
Will
Guest
Posted: Mon Nov 14, 2005 9:50 am    Post subject: Collecting Security Logs to Central Server? Reply with quote
Is there a server available that will periodically collect all of the
security eventviewer messages from each machine on the network and then put
those into an SQL database where they can be queried as a global resource
for the company?

--
Will
Back to top
S. Pidgorny
Guest
Posted: Mon Nov 14, 2005 9:50 am    Post subject: Re: Collecting Security Logs to Central Server? Reply with quote
Not yet free tool from Microsoft. Maybe in MOM and NetIQ.

I'd suggest to use syslog for event consolidation. For Windows event log to
syslog, you can use Snare Agent (free):

http://www.intersectalliance.com/projects/SnareWindows/index.html

As syslog server, can use Kiwi Syslog Daemon:

http://www.kiwisyslog.com/info_syslog.htm

Commercial version supports ODBC logging to SQL Server.

Alternatively you can consider Snare server.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
Back to top
 
Post new topic   Reply to topic    Windows Server Forum Index -> Security All times are GMT
Page 1 of 1

 
 You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum




New Topics Powered by phpBB