Guest pez Posted March 7, 2008 Posted March 7, 2008 I work at a credit union and for compliance reasons they want us to start documenting and interpreting the event logs of our servers. I do regularly monitor the event logs but I would definitely like some feedback as to how other admins approach this daunting task. I especially would like suggestions as to how to make sense of the security event logs. There are so many events (both success and failure logs) that are perfectly benign. What type of events do you need to look out for? Thank you for in advance for any advice given. Peter
Recommended Posts