Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

logging and monitoring policy

Posted on 2011-09-29
3
Medium Priority
?
414 Views
Last Modified: 2013-12-07
Does anyone have a corporate logging and monitoring policy for your IT Network? And if so what kinds of things does it cover, or is it the usual email/internet activity and nothing more? If it goes further what other areas are covered?
0
Comment
Question by:pma111
  • 2
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 36815224
Common to audit group policy changes, we audit adding and removal members to some of the built in groups like domain admins.

one thing about the built in auditing is that getting audit reports and alerts is not the greatest strength of AD natively.  There are third party tools that can really help in this space.  One example from quest.   http://www.quest.com/changeauditor-for-active-directory/

Thanks

Mike
0
 
LVL 3

Author Comment

by:pma111
ID: 36815250
Do you maintain audits of successful login/logouts into the domain?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36815335
Not where I am now, at my last job we used a login script like this    http://msmvps.com/blogs/kwsupport/archive/2005/02/24/36942.aspx

Thanks

Mike
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Experts Exchange expands question security options for members.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question