Start for free. * Install Kiwi-Enterprises SysLog daemon on a server * Install NT-SysLog on your servers (to send events to a SysLog server) * Filter and Report from the SysLog server
Once you start getting the info you want to see, compare this to any other product out there and see what value they add for the money. You can even dump the reports to a SQL database from the SysLog server. ASB http://www.ultratech-llc.com/KB -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Meade, Devin Sent: Thursday, December 26, 2002 5:46 PM To: NT 2000 Discussions Subject: Event log maintenance / alerting package Group, The powers that be gave an OK to research/maybe buy an event log maintenance-alerting package!! I have never set one of these up, your assistance please . . . Our network: 9 Win2000 servers, 4 NT4 servers, using internal DNS, DHCP with native Active Directory Services. I started with Master Andrews list http://www.ultratech-llc.com/KB/?File=EventLog.TXT to see what is available. I also looked at www.swynk.com and complied a wish list: 1. Filter out the junk in the evt logs. 2. Alert based on predefined conditions (disk space, service stop, password guess attempt, mass move of a folder, etc...). 3. Archive the event logs. 4. Would be nice if done via SYSLOG (but not necessary). 5. Did miss any biggies?? Products that look good from the sales blurbs ;-) http://www.eventid.net/adiscon.asp Looks like the right fit for us at about $600 for 10 servers. Integrates with eventid.net - way cool feature. This is my first choice. http://www.gfi.com/lanselm/ Looks really cool - higher priced than adiscon. http://www.systemtools.com/hyena/index.html Looks good - still higher priced than adiscon. Note - dumping the logs seems to be fairly easy with scripts, freeware and or the resource kit. I am looking to do some analysis. What do you guys use for Event log maintenance and alerting? Thanks and hope you had a Merry CHRISTmas, Devin L. Meade, CNE, MCP Network Administrator Frankfurt-Short-Bruza www.fsb-ae.com www.oklahomadome.com ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
