Configure auditing of Administrator account logon attempts (to track hacking attempts)
Hi,
How can i Configure auditing of Administrator account logon attempts (to track hacking attempts)
Regards
Sharath
How can i Configure auditing of Administrator account logon attempts (to track hacking attempts)
Regards
Sharath
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The audited events appear in the Security Event log. You can save this log out to a file, but you cannot redirect the auditing to a specific file that I know of. (Please understand that I'm not the brightest star in the sky, so maybe someone else can weigh in.)
If you want to capture specific events such as logins with the administrator account you will probably need a specific application to do so. I know that Microsoft Operations Manager (now Service Console Operations Manager) will do this. I'm sure there are other products that will work just as well.
If you want to capture specific events such as logins with the administrator account you will probably need a specific application to do so. I know that Microsoft Operations Manager (now Service Console Operations Manager) will do this. I'm sure there are other products that will work just as well.
ASKER
Where can i see the logs.Is there a way to get these audits only to a file.