RE: [ActiveDir] security event log audits

[Celone, Mike]

Will this work for Win2k servers also?   Mike From: GRILLENMEIER,GUIDO (HP-Germany,ex1) [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 16, 2004 1:40 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] security event log audits MACS (MS Audit Collector System) will do all of that for you and likely much more efficient than what you'd do yourself (and more secure as well) - should be released soon (I think with 2003 SP1)   /Guido From: Creamer, Mark [mailto:[EMAIL PROTECTED] Sent: Dienstag, 16. März 2004 19:18 To: [EMAIL PROTECTED] Subject: [ActiveDir] security event log audits Has anyone had success putting together something home-grown to centralize security event logs into a sql database? If so, I wanted to get some tips on how the tables should be set up - can all events that are captured in the security log be placed in the same table, or do different events have their own structure and would have to go into separate tables?   Also, I'm familiar with EventCombMT and eldump - are there any other tools I should be considering to pull the data? I'm assuming I'll need to use something like one of those to act as the middleware between the logs and the database.   Thanks...   Mark Creamer Systems Engineer Cintas Corporation Honesty and Integrity in Everything We Do