is there anyway to have these log files save things not by size, but by
day to ensure that tracking between the logs can be done? [I'm pretty sure
the answer is no, and the only thing we can do is bump the size of those
logs but I thought I'd
ask the blonde question anyway]
Yes. There are a variety of auditing, monitoring and log tracking software
out there. Quest has one. There's also GFI SELM. One that certainly backs
up remote event logs by day is Prism Event Monitor. You can also suck all
of the event logs out using OVOW, etc.
Note. All the above is centrally saved, not isolated instances on remote
systems.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
