• Advertise
• Search
• Free Magazines
• Newest Links
• Categories
• Register
• Login

Practical Implementation of Syslog in Mixed Windows Environments for Secure Centralized Audit Logging

Added by Papergrl

Description: The Event log service is by design a distributed system, and there are no native Windows tools available to facilitate centralization of logging functions. In addition, the failure to conform to any external logging format standard makes it impossible to interoperate with the logging functions of other operating systems or network devices. The Windows Event viewer application offers only basic functionality and is inadequate for monitoring the audit log files of any medium to large size network. In this paper, I survey some of the options available to access the Windows Event log and demonstrate how to implement a versatile centralized remote logging solution using a commercially available Win32 implementation of the Syslog protocol.