> For NTDS, I am afraid that ossec will not support it properly, since > we hard-coded > a validator looking for "Security", "Application" or "System"... I > will see if I can fix it > for the next snapshot. Is there any more event log "sources" that we may > need to > add?
Event logs I have on my network: Internet Explorer Windows PowerShell Directory Service DNS Server File Replication Service And I know I've seen one relating to .NET but I can't remember which server that was on. This message contains TMA Resources confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version.
