I wrote a nice little fortune cookie program years ago for when your PC
starts up, however I am still planning on looking at MACS. :o) 


-------------
http://www.joeware.net   (download joeware)
http://www.cafeshops.com/joewarenet  (wear joeware)
 
 

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of GRILLENMEIER,GUIDO
(HP-Germany,ex1)
Sent: Wednesday, March 17, 2004 2:06 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] security event log audits

I also wrote a lot of things many years ago ;-)  I'd still have a closer
look at MACS today...

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of stefano tufillaro
Sent: Dienstag, 16. M�rz 2004 20:37
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] security event log audits

I wrote it four year ago.

A Windows NT Service on every machine send the information (every eventlog
section ) to a database ODBC connected (Oracle, MSSQlserver, DB2, MySql
etc.)

I wrote also the client administrative to setup, install, modify
configuration and interrogate the datbase, produce reports (Crystal, Html,
PDF etc.) and also send script as soon as a program to modify the system
from remote location.


>From: "GRILLENMEIER,GUIDO (HP-Germany,ex1)" <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: [EMAIL PROTECTED]
>Subject: RE: [ActiveDir] security event log audits
>Date: Tue, 16 Mar 2004 19:40:02 +0100
>MIME-Version: 1.0
>Received: from mail.activedir.org ([64.245.160.7]) by 
>mc2-f10.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Tue, 16 Mar 
>2004 10:40:40 -0800
>Received: from bbnrelint01.net.external.hp.com [192.6.76.88] by 
>mail.activedir.org with ESMTP  (SMTPD32-8.05) id AA071D5B0150; Tue, 16 
>Mar
>2004 13:40:07 -0500
>Received: from isar.bbn.hp.com (isar.bbn.hp.com [15.140.168.13])by 
>bbnrelint01.net.external.hp.com (Postfix) with ESMTP id 0C6D137C90for 
><[EMAIL PROTECTED]>; Tue, 16 Mar 2004 19:37:32 +0100 (CET)
>Received: by isar.bbn.hp.com with Internet Mail Service (5.5.2657.72)id 
><GPZ8QP5T>; Tue, 16 Mar 2004 19:40:06 +0100
>X-Message-Info: yilqo4+6kc42bID0SLkQu4MzXVSilpwe
>Message-ID: <[EMAIL PROTECTED]>
>X-Mailer: Internet Mail Service (5.5.2657.72)
>Precedence: bulk
>Return-Path: [EMAIL PROTECTED]
>X-OriginalArrivalTime: 16 Mar 2004 18:40:40.0966 (UTC) 
>FILETIME=[2EAA6A60:01C40B86]
>
>MACS (MS Audit Collector System) will do all of that for you and likely 
>much more efficient than what you'd do yourself (and more secure as 
>well) - should be released soon (I think with 2003 SP1)
>
>/Guido
>
>   _____
>
>From: Creamer, Mark [mailto:[EMAIL PROTECTED]
>Sent: Dienstag, 16. M�rz 2004 19:18
>To: [EMAIL PROTECTED]
>Subject: [ActiveDir] security event log audits
>
>
>
>Has anyone had success putting together something home-grown to 
>centralize security event logs into a sql database? If so, I wanted to 
>get some tips on how the tables should be set up - can all events that 
>are captured in the security log be placed in the same table, or do 
>different events have their own structure and would have to go into 
>separate tables?
>
>
>
>Also, I'm familiar with EventCombMT and eldump - are there any other 
>tools I should be considering to pull the data? I'm assuming I'll need 
>to use something like one of those to act as the middleware between the 
>logs and the database.
>
>
>
>Thanks...
>
>
>
>Mark Creamer
>
>Systems Engineer
>
>Cintas Corporation
>
>Honesty and Integrity in Everything We Do
>
>
>

_________________________________________________________________
Add photos to your e-mail with MSN 8. Get 2 months FREE*. 
http://join.msn.com/?page=features/featuredemail

List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

Reply via email to