Solved

Top 10 Most Important Security Events to Monitor in Windows Event Log

Posted on 2008-10-28
8
2,982 Views
Last Modified: 2013-12-04
Top 10 Most Important Internet Security Events to Monitor in Windows Event Viewer
Also top events to monitor for Local GPO policies not being implemented-Looking for possible corrupt local security databases which indicate GPO are not being implemented.

Thank you,
John

0
Comment
Question by:jtsapos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
8 Comments
 
LVL 13

Expert Comment

by:Rowley
ID: 22831151
What if there are 600 events that are all equally important?
0
 

Author Comment

by:jtsapos
ID: 22833244
I'll take as many as you can give me. It would be greatly appreciated.
Also top events to monitor for Local GPO policies not being implemented-Looking for possible corrupt local security databases which indicate GPO are not being implemented.

0
 
LVL 13

Accepted Solution

by:
Rowley earned 250 total points
ID: 22839182
In my opinion this is a null question. The most important events in any logs are the ones that are meaningful to the administrator in the context of which they are being read. You could have a success logon event that pops up a thousand times a minute, or a single big red disk read error, a replication event, or a TCP stack warning, etc, etc.

You've also just responded with some specifics to monitor gpo events, ergo these events are important to you but may not be important to someone else. If you want to monitor events, and prioritise alerts for your environment, you could try something like http://www.gfi.com/eventsmanager/ .
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 250 total points
ID: 22929525
You should look other way around and silence out "normal" events.
e.g Audit Success i.e successful access/login denotes normal workings.
0
 
LVL 62

Expert Comment

by:gheist
ID: 23585671
Last two give insight into how to proceed B grade.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question