Wednesday, May 16, 2007

Windows Event Auditing

Just a quick post to mention a spreadsheet i`ve put together, for some up coming articles on Windows Event Auditing with MARS.



In this spreadsheet which i hope to release to the user group first, and then Blog, i`ve expanded the knowledge of what MARS knows about certain Windows events, and correlated this with example Alerts and Microsoft explanations/NTLM error codes and Logon Types.
Posted by at
Labels:

1 comment:

Marsian said...

I'm trying to push windows events logs from a windows server to CS-MARS, but i MARS seems to be not recieving the events. i have configured MARS and SNARE agent on windows severs as necessary steps.

Can some body clear why this is not happeneing ?

Thanks
Wish

1:33 pm

Post a Comment

Subscribe to: Post Comments (Atom)