Article Author: Peter Gubarevich (MVP – Enterprise Security), Certified Ethical Hacker
Everything was just fine until yesterday. Usually, I’m managing local group membership using Active Directory Group Policies, either the Restricted Groups node or the GP Preferences node. It’s quite questionable which node to choose, but anyway, Group Policy makes it easy to perform updates and enforce membership throughout a domain, and it exactly fits my requirements. However, there’s another side of the … Read more
The prime objective behind deploying event log managers is to meet network security and compliance standards and so simplify the network administrator's job. They give administrators centralized, effective management of Windows and W3C event logs. An event can be interpreted in a variety of ways, depending on its context. The default Event Viewer on Windows systems does not provide any elaborate reporting to categorize every event specifically, nor does it take proactive measures … Read more
One of the toughest challenges for network administrators is implementing network-wide event collection and automatic correlation of the collected events. On a large network spanning several geographic areas, collecting event logs by moving from one machine to another is impractical.
A large-scale network is typically configured with complex services and custom applications in addition to the systems and endpoint devices, so the volume of event logs generated by each of them can be huge. In these situations, errors like "The event log is full" are common. What do you do in such conditions?
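The two excerpts above raise the same practical problem: logs on many machines filling up, with nobody walking from host to host to check them. The following PowerShell script is an added example, not code from any of the articles summarized on this page. It queries the event log configuration of one or more hosts remotely and reports logs that are already full or above a warning threshold, along with their retention mode, which is what decides whether a full log silently overwrites old events or starts rejecting new ones. The hostnames, the 80 percent threshold and the remediation commands in the trailing comment are assumptions for illustration; it relies only on the built-in `Get-WinEvent -ListLog` and `wevtutil` tools.

```powershell
# Added example (not from the original articles): find Windows event logs that
# are full or close to their configured maximum on one or more hosts.
# Assumptions: run from a Windows host with PowerShell 5.1 or later, with rights
# to read remote event log configuration (local admin or the Event Log Readers
# group on each target). Hostnames passed in -ComputerName are placeholders.
param(
    [string[]]$ComputerName = @('localhost'),   # e.g. 'DC01','FILE01'
    [int]$WarnPercent = 80                      # report logs at or above this fill level
)

foreach ($computer in $ComputerName) {
    # -ListLog * returns EventLogConfiguration objects; PowerShell adds
    # FileSize, RecordCount and IsLogFull as extra properties. Individual
    # logs that cannot be read produce non-terminating errors, so suppress
    # them and keep the ones that were returned.
    $logs = Get-WinEvent -ListLog * -ComputerName $computer -ErrorAction SilentlyContinue |
            Where-Object { $_.IsEnabled -and $_.MaximumSizeInBytes -gt 0 }

    if (-not $logs) {
        Write-Warning "$computer : no log configuration returned (host unreachable or access denied?)"
        continue
    }

    foreach ($log in $logs) {
        if ($null -eq $log.FileSize) { continue }   # log has no backing file yet
        $pct = [math]::Round(100 * $log.FileSize / $log.MaximumSizeInBytes, 1)

        # LogMode: Circular = overwrite oldest events, AutoBackup = archive and
        # clear when full, Retain = never overwrite. A Retain-mode log that is
        # near its cap is the one that will soon raise "The event log is full".
        if ($log.IsLogFull -or $pct -ge $WarnPercent) {
            [pscustomobject]@{
                Computer  = $computer
                LogName   = $log.LogName
                LogMode   = $log.LogMode
                MaxMB     = [math]::Round($log.MaximumSizeInBytes / 1MB, 1)
                UsedPct   = $pct
                IsLogFull = $log.IsLogFull
                Records   = $log.RecordCount
            }
        }
    }
}

# Remediation (run on the affected host as an administrator), for example:
#   wevtutil sl Security /ms:1073741824   # raise the maximum size to 1 GiB
#   wevtutil sl Application /rt:false     # retention off: overwrite oldest events
# Raising the cap only buys time; forwarding or collecting the logs centrally is
# what removes the per-host limit.
```

Pipe the output to `Format-Table` or `Export-Csv` to get a per-host report. Note that the Security log on domain controllers is commonly set to Retain by policy so that audit events are never lost, which is exactly the combination that produces a full log if nothing collects and clears it.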
Eventlog.pl is an event log management script that ships with the Windows 2000 Resource Kit Supplement and is used to manage the Event Viewer logs of Windows 2000 based systems. It can perform various event log management tasks, such as changing the properties of the event logs, backing up the log files, exporting the event lists to text files, deleting all events from the logs and querying … Read more
In modern IT systems, event logs and event logging play a very important role, as every application, operating system, network device and system component writes its event messages to log files. From the point of view of network management, therefore, event logging and log analysis become all the more critical. Event logs are the most reliable source for determining the overall health of a network.
These days most organizations invest in log management infrastructures, which comprise the hardware, software and media used to generate, transmit, store, analyze and organize log data. Every log management infrastructure has a typical architecture consisting of several components that interact with one another. The following are the major tiers of an ideal log management architecture.