Windows domain Security Audit
Posted on 2014-01-18
In our environment, now and then we get some requests about auditing, where managers they need information that we do not have ready yet to provide and which consist of long research to find it, such as searching through event logs and sometimes the water info is too old and it is overwritten by event viewer because of the limited size.
I wonder if there is a method in such a way, we can retrieve info from event logs in an easy way….
the only way I can think of is that event logs need to be stored in the network and we will need to use a searching tool that can pull the info whenever we need it, in a timely fashion.
Any help will be very much appreciated.