R
Ross
Hi guys
I wonder if you can help me with something.
I am trying implement centralised archvival of remote event logs via a
perl script I have written. It works quite well and I can retrieve
the information I want on a regular time period. The problem I have
is that every time I connect to a remote server to retrieve logs
(which can be every 10 minutes) I get the usual logon/logoff/kerberos
messages in the remote security log. The upshot being that it takes
longer and longer to retrieve the security logs because the program is
generating so much "noise".
I'm not sure if this is the route I want to take, but I was wondering
if it is possible stop logon/logoff auditing(or indeed any auditing)
for just the one account that is running the script and leave it
enabled for all others?
Any suggestions/hints much appreciated.
Regards
Ross
PS - Apologies for the repost, but for some reason this ended up on
the bottom of someone elses thread.
I wonder if you can help me with something.
I am trying implement centralised archvival of remote event logs via a
perl script I have written. It works quite well and I can retrieve
the information I want on a regular time period. The problem I have
is that every time I connect to a remote server to retrieve logs
(which can be every 10 minutes) I get the usual logon/logoff/kerberos
messages in the remote security log. The upshot being that it takes
longer and longer to retrieve the security logs because the program is
generating so much "noise".
I'm not sure if this is the route I want to take, but I was wondering
if it is possible stop logon/logoff auditing(or indeed any auditing)
for just the one account that is running the script and leave it
enabled for all others?
Any suggestions/hints much appreciated.
Regards
Ross
PS - Apologies for the repost, but for some reason this ended up on
the bottom of someone elses thread.