Solved

Top 10 Most Important Security Events to Monitor in Windows Event Log

Posted on 2008-10-28
8
2,886 Views
Last Modified: 2013-12-04
Top 10 Most Important Internet Security Events to Monitor in Windows Event Viewer
Also top events to monitor for Local GPO policies not being implemented-Looking for possible corrupt local security databases which indicate GPO are not being implemented.

Thank you,
John

0
Comment
Question by:jtsapos
  • 2
  • 2
8 Comments
 
LVL 13

Expert Comment

by:Rowley
ID: 22831151
What if there are 600 events that are all equally important?
0
 

Author Comment

by:jtsapos
ID: 22833244
I'll take as many as you can give me. It would be greatly appreciated.
Also top events to monitor for Local GPO policies not being implemented-Looking for possible corrupt local security databases which indicate GPO are not being implemented.

0
 
LVL 13

Accepted Solution

by:
Rowley earned 250 total points
ID: 22839182
In my opinion this is a null question. The most important events in any logs are the ones that are meaningful to the administrator in the context of which they are being read. You could have a success logon event that pops up a thousand times a minute, or a single big red disk read error, a replication event, or a TCP stack warning, etc, etc.

You've also just responded with some specifics to monitor gpo events, ergo these events are important to you but may not be important to someone else. If you want to monitor events, and prioritise alerts for your environment, you could try something like http://www.gfi.com/eventsmanager/ .
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 250 total points
ID: 22929525
You should look other way around and silence out "normal" events.
e.g Audit Success i.e successful access/login denotes normal workings.
0
 
LVL 62

Expert Comment

by:gheist
ID: 23585671
Last two give insight into how to proceed B grade.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question