Default config of Windows Event Logs Inadequate. What are alternatives?
Greetings and Thank you for Your Help :-)
I am the server manager. I need to ensure the safety of my servers, and i want to easily find events that will tell what has happened over the weekend. I want to ensure my logs will be safe no matter what (not just on another drive on the same machine, and not just backedup at midnight ---- I want them on another machine (a very secure machine) each hour or perhaps even DIRECTLY logged there.
I'm not interested in log parser, and yes, I do have auditing jacked up to log most things. Note that I have not asked any question about FWs, IDS, or other security measures. I'm mainly interested in logging what happens.
What are my options? What are the pros/cons? Can you get eventlogs to log directly to another machine? Is there some software (turnkey) for all this?
Thanks again so very much!,
K
I am the server manager. I need to ensure the safety of my servers, and i want to easily find events that will tell what has happened over the weekend. I want to ensure my logs will be safe no matter what (not just on another drive on the same machine, and not just backedup at midnight ---- I want them on another machine (a very secure machine) each hour or perhaps even DIRECTLY logged there.
I'm not interested in log parser, and yes, I do have auditing jacked up to log most things. Note that I have not asked any question about FWs, IDS, or other security measures. I'm mainly interested in logging what happens.
What are my options? What are the pros/cons? Can you get eventlogs to log directly to another machine? Is there some software (turnkey) for all this?
Thanks again so very much!,
K
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
wfcraven12
CoccoBill - that was already posted. Look at first comment.
Yes, wfcraven12, I noticed. I just filled in the blanks in your post.