I wrote a nice little fortune cookie program years ago for when your PC starts up, however I am still planning on looking at MACS. :o)
------------- http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of GRILLENMEIER,GUIDO (HP-Germany,ex1) Sent: Wednesday, March 17, 2004 2:06 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] security event log audits I also wrote a lot of things many years ago ;-) I'd still have a closer look at MACS today... -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of stefano tufillaro Sent: Dienstag, 16. M�rz 2004 20:37 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] security event log audits I wrote it four year ago. A Windows NT Service on every machine send the information (every eventlog section ) to a database ODBC connected (Oracle, MSSQlserver, DB2, MySql etc.) I wrote also the client administrative to setup, install, modify configuration and interrogate the datbase, produce reports (Crystal, Html, PDF etc.) and also send script as soon as a program to modify the system from remote location. >From: "GRILLENMEIER,GUIDO (HP-Germany,ex1)" <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: RE: [ActiveDir] security event log audits >Date: Tue, 16 Mar 2004 19:40:02 +0100 >MIME-Version: 1.0 >Received: from mail.activedir.org ([64.245.160.7]) by >mc2-f10.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Tue, 16 Mar >2004 10:40:40 -0800 >Received: from bbnrelint01.net.external.hp.com [192.6.76.88] by >mail.activedir.org with ESMTP (SMTPD32-8.05) id AA071D5B0150; Tue, 16 >Mar >2004 13:40:07 -0500 >Received: from isar.bbn.hp.com (isar.bbn.hp.com [15.140.168.13])by >bbnrelint01.net.external.hp.com (Postfix) with ESMTP id 0C6D137C90for ><[EMAIL PROTECTED]>; Tue, 16 Mar 2004 19:37:32 +0100 (CET) >Received: by isar.bbn.hp.com with Internet Mail Service (5.5.2657.72)id ><GPZ8QP5T>; Tue, 16 Mar 2004 19:40:06 +0100 >X-Message-Info: yilqo4+6kc42bID0SLkQu4MzXVSilpwe >Message-ID: <[EMAIL PROTECTED]> >X-Mailer: Internet Mail Service (5.5.2657.72) >Precedence: bulk >Return-Path: [EMAIL PROTECTED] >X-OriginalArrivalTime: 16 Mar 2004 18:40:40.0966 (UTC) >FILETIME=[2EAA6A60:01C40B86] > >MACS (MS Audit Collector System) will do all of that for you and likely >much more efficient than what you'd do yourself (and more secure as >well) - should be released soon (I think with 2003 SP1) > >/Guido > > _____ > >From: Creamer, Mark [mailto:[EMAIL PROTECTED] >Sent: Dienstag, 16. M�rz 2004 19:18 >To: [EMAIL PROTECTED] >Subject: [ActiveDir] security event log audits > > > >Has anyone had success putting together something home-grown to >centralize security event logs into a sql database? If so, I wanted to >get some tips on how the tables should be set up - can all events that >are captured in the security log be placed in the same table, or do >different events have their own structure and would have to go into >separate tables? > > > >Also, I'm familiar with EventCombMT and eldump - are there any other >tools I should be considering to pull the data? I'm assuming I'll need >to use something like one of those to act as the middleware between the >logs and the database. > > > >Thanks... > > > >Mark Creamer > >Systems Engineer > >Cintas Corporation > >Honesty and Integrity in Everything We Do > > > _________________________________________________________________ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
