<div>
Perfect thanks this is what I was looking for.
</div>


Perfect thanks this is what I was looking for.

<div>
<div class="content wysiwyg-content">
Good Afternoon Dear EE.<br />
<br />
Due to change in security policy, we implemented centralized log collector using Windows Server Log Subscriptions.<br />
<br />
Can anyone point to good source of IDS / Forensics Event IDs to monitor?<br />
<br />
We want to track what is important in Windows 2008 Domain, involving users, groups, directory services, GPOs, DNS, DHCP anything involving servers and workstations.<br />
Also any recommendation how anyone else is monitoring it.<br />
<br />
All feedback is greatly appreciated.
</div>
</div>


Good Afternoon Dear EE.

Due to change in security policy, we implemented centralized log collector using Windows Server Log Subscriptions.

Can anyone point to good source of IDS / Forensics Event IDs to monitor?

We want to track what is important in Windows 2008 Domain, involving users, groups, directory services, GPOs, DNS, DHCP anything involving servers and workstations.
Also any recommendation how anyone else is monitoring it.

All feedback is greatly appreciated.

IDS / Forensics Windows Event IDs.

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.