Solved

Top 10 Most Important Security Events to Monitor in Windows Event Log

Posted on 2008-10-28
8
3,023 Views
Last Modified: 2013-12-04
Top 10 Most Important Internet Security Events to Monitor in Windows Event Viewer
Also top events to monitor for Local GPO policies not being implemented-Looking for possible corrupt local security databases which indicate GPO are not being implemented.

Thank you,
John

0
Comment
Question by:jtsapos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
8 Comments
 
LVL 13

Expert Comment

by:Rowley
ID: 22831151
What if there are 600 events that are all equally important?
0
 

Author Comment

by:jtsapos
ID: 22833244
I'll take as many as you can give me. It would be greatly appreciated.
Also top events to monitor for Local GPO policies not being implemented-Looking for possible corrupt local security databases which indicate GPO are not being implemented.

0
 
LVL 13

Accepted Solution

by:
Rowley earned 250 total points
ID: 22839182
In my opinion this is a null question. The most important events in any logs are the ones that are meaningful to the administrator in the context of which they are being read. You could have a success logon event that pops up a thousand times a minute, or a single big red disk read error, a replication event, or a TCP stack warning, etc, etc.

You've also just responded with some specifics to monitor gpo events, ergo these events are important to you but may not be important to someone else. If you want to monitor events, and prioritise alerts for your environment, you could try something like http://www.gfi.com/eventsmanager/ .
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 250 total points
ID: 22929525
You should look other way around and silence out "normal" events.
e.g Audit Success i.e successful access/login denotes normal workings.
0
 
LVL 62

Expert Comment

by:gheist
ID: 23585671
Last two give insight into how to proceed B grade.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
Here's a look at newsworthy articles and community happenings during the last month.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question