G
Guest
Hello you lovely security people, I hope you can help me,
My audit log is BIG and has lots of THINGS in it. I can understand what they
are but it is BORING looking through them. I want to see a list of the ACTUAL
things that happened, in a nice format.
Do you know where I can get clever (or simple) software that processes all
the events and tells me when people logged on, logged off, password errors
etc? ie something that filters out all the events I'm not that interested in
(Kerberos this, and Active Directory that) and possibly does it in nice
colours so it is easily readable..
I've already trimmed down to just the "audit logon events" in GP but it
still logs about a million things a day and there are only 10 users!
I've googled this for a bit but I'm going round in circles.
Joe
My audit log is BIG and has lots of THINGS in it. I can understand what they
are but it is BORING looking through them. I want to see a list of the ACTUAL
things that happened, in a nice format.
Do you know where I can get clever (or simple) software that processes all
the events and tells me when people logged on, logged off, password errors
etc? ie something that filters out all the events I'm not that interested in
(Kerberos this, and Active Directory that) and possibly does it in nice
colours so it is easily readable..
I've already trimmed down to just the "audit logon events" in GP but it
still logs about a million things a day and there are only 10 users!
I've googled this for a bit but I'm going round in circles.
Joe