GFI.com, did offer a free version of their log analyser. It would help you translate what is going on in your log files.
Maybe one day, the OS maker will see fit to translate all the crap into something readable. Good luck JM -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 25 January 2002 22:49 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: How to read w2000 Security events You need to (see note 1) verbatim post the event log entries. We can't guess what is happening. Not enough data. Also add the event ID so that a search of the TechNet Knowledge Base can have a chance of being successful. I can hazard one guess on the "this user does not have access to this machine". I have seen this when a service attempts to start but the user name/password does not have specific permissions/does not match, such as the system logon being used for one of the exchange services, rather than the specifically created exchange admin account created for exchange services. It gives this type of error. Without the actual errors, we are all going to be blindly guessing. NOTE 1: You don't need to post the actual information for your system. If an error specifies something such as a specific account name, of course insert a bogus name. We don't want to give anyone enumerating your system a leg up. Let them do it the hard way. :-) D. Weiss mcse/ccna/ssp2 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 24, 2002 6:08 PM To: [EMAIL PROTECTED] Subject: How to read w2000 Security events Can anyone tell me how to interpret the successful and failure audits for security events in event log? They log different things but there is no info on what they mean, or what to do about it. for example, my server that is also our firewall/gateway has entries that 'this user does not have access to this machine' yet I am the only one that logs in there. Others say things like account change attempt etc yet I am the Admin here and never changed the username. strange
