We are using EvenReporter (10.1.344) as the syslog forwarder to get the windows security logs into Nitro. Audit recently came to us and wants to be able to track certain AD events. I've got auditing enabled and the logs are getting to Nitro, the problem we are running into is that the GUIDs are not being resolved before being sent to Nitro. Not sure why. So for example, something like this from a 566 Event in the Event Log:
Object Name: CN=Jane Doe,OU=ClientOU3,OU=Users,OU=Sales,DC=Acme,DC=com
Which does show the resolved name, will show up like this in Nitro:
String[%4]: %{e93fed32-8ca3-4122-994f-dcfae8fa212d}
Has anyone run into this issue before?
Thanks
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise
Architecture and Engineering Services
Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
[email protected]
The Guardian Life Insurance Company of America
www.guardianlife.com
-----------------------------------------
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law. If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited. If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments. Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin<<image/jpeg>>
