logging and monitoring policy

Does anyone have a corporate logging and monitoring policy for your IT Network? And if so what kinds of things does it cover, or is it the usual email/internet activity and nothing more? If it goes further what other areas are covered?
LVL 3
pma111Asked:
Who is Participating?
 
Mike KlineConnect With a Mentor Commented:
Common to audit group policy changes, we audit adding and removal members to some of the built in groups like domain admins.

one thing about the built in auditing is that getting audit reports and alerts is not the greatest strength of AD natively.  There are third party tools that can really help in this space.  One example from quest.   http://www.quest.com/changeauditor-for-active-directory/

Thanks

Mike
0
 
pma111Author Commented:
Do you maintain audits of successful login/logouts into the domain?
0
 
Mike KlineCommented:
Not where I am now, at my last job we used a login script like this    http://msmvps.com/blogs/kwsupport/archive/2005/02/24/36942.aspx

Thanks

Mike
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.