[unisog] "LogWatch" for Windows Systems

Josh Fiske jfiske at clarkson.edu
Wed Jul 19 12:22:21 GMT 2006


This is a useful tool that I've found to send Windows event logs over to 
our syslog server.  Once the logs are living on our syslog server, the 
standard logwatch stuff can parse it and send reports.  It doesn't deal 
with IIS logs, so it might not work for your situation, but I thought 
others might find it handy.

https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys/

-- Josh
- - - - -
Joshua Fiske, Network and Security Engineer
Clarkson University, Office of Information Technology
(315) 268-6722 -- Fax: (315) 268-6570
jfiske at clarkson.edu

CONFIDENTIALITY:  This e-mail (including any attachments) may contain 
confidential, proprietary and privileged information, and unauthorized 
disclosure or use is prohibited.  If you received this e-mail in error, 
please notify the sender and delete this e-mail from your system.




Chris Green <cmgreen at uab.edu> 
Sent by: unisog-bounces at lists.sans.org
07/17/2006 03:14 PM
Please respond to
UNIversity Security Operations Group <unisog at lists.sans.org>


To
Unisog <unisog at lists.sans.org>
cc

Subject
[unisog] "LogWatch" for Windows Systems






Good day,

Does anyone know of a set of scripts kinda like LogWatch for windows 
systems
that would email a daily report of event log and abnormal IIS activity?

Not really sure of where I should start looking for such a thing and
starting my own is somewhere along the good intention freeway.

Thanks,
Chris
-- 
Chris Green
UAB Data Security, 5-0842

_______________________________________________
unisog mailing list
unisog at lists.sans.org
http://www.dshield.org/mailman/listinfo/unisog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/unisog/attachments/20060719/faa38a03/attachment.htm 


More information about the unisog mailing list