Default config of Windows Event Logs Inadequate. What are alternatives?
Posted on 2007-11-29
Greetings and Thank you for Your Help :-)
I am the server manager. I need to ensure the safety of my servers, and i want to easily find events that will tell what has happened over the weekend. I want to ensure my logs will be safe no matter what (not just on another drive on the same machine, and not just backedup at midnight ---- I want them on another machine (a very secure machine) each hour or perhaps even DIRECTLY logged there.
I'm not interested in log parser, and yes, I do have auditing jacked up to log most things. Note that I have not asked any question about FWs, IDS, or other security measures. I'm mainly interested in logging what happens.
What are my options? What are the pros/cons? Can you get eventlogs to log directly to another machine? Is there some software (turnkey) for all this?
Thanks again so very much!,