Logging and processing logs from Windows 7

Windows 7 is pretty good at logging, but what do you do with all those log files? We look at some monitoring tools that can help you get the most out of your logging data.

This month, I’m talking about Windows 7. I must admit I spent some time trying to come up with a good security topic related to Windows 7 that I haven’t covered before. I’ve already done cross-platform host-based intrusion detection systems (OSSEC), and I’ll leave IPsec setup with Windows 7 and Linux to someone else. I tried to figure that out once, but gave up and went with a Shrew Soft IPsec client instead.

Read full article as PDF:

072-073_kurt.pdf (1,001.69 kB)

Related content

  • Security Lessons: Rsyslog

    Might as well do it properly – rsyslog.

  • Charly's Column

    Using SQL to sift syslog data out of a database is an admittedly universal, but also fairly convoluted approach. phpLogCon, with its web interface, gives admins an easier option.

  • Charly's Column

    Well-used services write reams of log information to disk, which is not only bothersome from a storage perspective but also pushes grep and the usual group of statistics tools to their limits. Will hitching the syslog daemon up to a database help?

  • Security Lessons: auditd

    The auditd tool can provide system logging capabilities to satisfy even the most paranoid users.

  • Security Lessons: Capabilities

    Granting root access, even temporarily, is rife with danger. Capabilities could help.
