Re: Centralized event log collection

From: Mike (mikee_at_mikee.ath.cx)
Date: 06/07/04

    Date: Mon, 07 Jun 2004 16:18:25 -0000
    
    

    In article <#jAk7jlnDHA.2848@TK2MSFTNGP10.phx.gbl>, prk wrote:
    > Hi,
    >
    > you can check two free tools: NTSysLog (http://ntsyslog.sourceforge.net) for
    > the workstations and my SysLog2ODBC (http://www.synematools.com) for the
    > central repository.
    >
    > As written in the NTSysLog description...
    >
    > << This program runs as a service under Windows NT based operating systems.
    > It formats all System, Security, and Application events into a single line
    > and sends them to a syslog(3) host. >>
    >
    > I released just a few days ago the 0.2 version of SysLog2ODBC...
    >
    > << SysLog2ODBC for Windows is a SysLog server with ODBC logging facility
    > that can be run as a Win32 service. It starts listening on a configurable
    > UDP port and, for each syslog message it receives, it executes a
    > customizable SQL statement. >>
    >
    > Actually I'm running it on a network, collecting about 25000 messages per
    > day (from 10:00 to 18:00!) and storing them in a MySQL database.
    >
    > Bye
    >
    > prk - SyNeMaTools.com
    > http://www.synematools.com
    > e-mail: http://www.synematools.com/contactme.asp
    >
    > "MadDHatteR" <blah@example.com> wrote in message
    > news:eVVFevTnDHA.2512@TK2MSFTNGP09.phx.gbl...
    >>
    >> Has anyone written a script that picks up new entries to a workstation's
    >> event log (security log, in particular) then collects them/forwards them to
    >> a centralized repository, perhaps subject to some filtering?
    >>
    >> I'm looking to create a centralized domain-wide security event log similar
    >> to forwarding of loghost on unix machines. I'm starting from scratch, but
    >> I'd much appreciate it if anyone could give me a head start :-).
    >>
    >> \\ MadDHatteR
    >>
    >>
    >>
    >
    >

    How to get WMI/VBS to send the events through to syslog? How to make
    WMI/VBS use UDP?
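
An added example, not from the thread and not NTSysLog or SysLog2ODBC code: the single-line-over-UDP exchange and the per-message SQL insert that the quoted descriptions mention, written in Python. The sqlite3 database, table layout, host name `ws01` and sample event text are assumptions; the insert uses bound parameters because any host that can reach the listener can send it a datagram.

```python
import re
import socket
import sqlite3

# Constructed sample: one event flattened to a single line. The apostrophe would
# break a statement assembled by string concatenation.
SAMPLE_EVENT = "security[failure] 529 Logon Failure: User Name: o'neil Domain: CORP"
PRI_RE = re.compile(rb"^<(\d{1,3})>(.*)$", re.DOTALL)

def build_packet(facility, severity, host, text):
    """BSD-syslog style datagram, PRI = facility * 8 + severity (timestamp omitted)."""
    pri = facility * 8 + severity
    return f"<{pri}>{host} {text}".encode("utf-8")[:1024]  # classic 1024-byte limit

def parse_packet(data):
    """Return (facility, severity, message), or None for malformed input."""
    m = PRI_RE.match(data)
    if not m or int(m.group(1)) > 191:  # highest valid PRI is 23 * 8 + 7
        return None
    pri = int(m.group(1))
    return pri // 8, pri % 8, m.group(2).decode("utf-8", "replace")

def store(db, source_ip, data):
    """Insert one datagram with bound parameters; message text never becomes SQL."""
    parsed = parse_packet(data)
    if parsed is None:
        return False
    db.execute("INSERT INTO events(source, facility, severity, msg) VALUES (?,?,?,?)",
               (source_ip, *parsed))
    return True

def demo():
    """Send one datagram over loopback UDP, store it, and return the stored rows."""
    db = sqlite3.connect(":memory:")  # assumption: stands in for the ODBC target
    db.execute("CREATE TABLE events(source TEXT, facility INT, severity INT, msg TEXT)")
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    rx.bind(("127.0.0.1", 0))  # ephemeral port here; syslog normally uses UDP 514
    rx.settimeout(2)
    tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tx.sendto(build_packet(4, 5, "ws01", SAMPLE_EVENT), rx.getsockname())
    data, (ip, _port) = rx.recvfrom(2048)
    store(db, ip, data)                   # record the sender address with the event
    store(db, ip, b"no priority header")  # malformed datagram: rejected, not stored
    tx.close()
    rx.close()
    return db.execute("SELECT source, facility, severity, msg FROM events").fetchall()

if __name__ == "__main__":
    print(demo())
```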

