Re: Security Logs are hard to read



Hi Anna,

Thanks for posting here. Also thanks for Avanwey's input.

From your description, I understand that you want to know how to filter
normal security network traffic to clean the stuff in security logs. If I
am off base, please don't hesitate to let me know.

As Avanwey said, we usually use the Filter function in Event Viewer to clean
the view of the logs. You can do as follows:

1. Open the Event Viewer (eventvwr.msc) console, right-click the Security
item in the left panel and choose View -> Filter... to open the Security
properties page.

2. Under the Filter tab, you can uncheck the checkboxes "Information",
"Success audit", "Warning" as needed to clean the viewer so that you can
easily find the information you need.

3. You can also specify the exact event source, category, event ID, user,
and computer to filter for the information you need. You can set different
filter conditions each time for different purposes. The process cannot
affect the true security log file. Also, we cannot customize the log file
(such as recorded interval, event source, category and so on) in Event
Viewer, since the log files are created for troubleshooting by
administrators and Microsoft engineers.

Is the server box running on the SBS 2003 server? If yes, you can use the
monitoring component to create a customized server performance report and
server status report so that you can monitor the server, ensure it is
running in a stable state, and be notified if any critical errors happen
on the server. You can get detailed information about the monitoring
component by searching in the Help and Support Center.

You can find the monitoring component in Server Management console ->
Monitoring and Reporting, click Set up Monitoring Reports and Alerts to
configure performance and usage settings. The component will take about 24
hours to collect data to create reports.

More information:
================
The usage information for internet activity contained in the server usage
report includes the following information:

-- Internet Activity Web Activity by Computer.
The total and average daily hours a client computer was connected to the
Internet during the reporting period.

-- Web Traffic by Hour.
The total and average daily number of connections made by all client
computers, by hour, during the reporting period.

Hope the above information helps. Please let me know if you have further
questions on the issue. I am happy to be of assistance to you and look
forward to your reply.


Have a nice day!

Sincerely,

Jenny Wu
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
From: "avanwey@xxxxxxxxxxxxx" <avanwey@xxxxxxxxxxxxx>
Newsgroups: microsoft.public.windows.server.sbs
Subject: Re: Security Logs are hard to read
Date: 7 Aug 2006 08:00:56 -0700

Try using the Filter function under the View menu.
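
Added example (not part of the original thread, and not a Microsoft tool): the same Filter-tab criteria applied offline to a copy of the Security log exported as comma-delimited text, plus a count per event ID to show which entries dominate the view. The column layout, the sample rows, the CONTOSO and SBS01 names, and the function names are assumptions made for illustration.

```python
import csv
import io
from collections import Counter

# Constructed sample rows (not from a real server). The column layout is an
# assumption modelled on the fields the Event Viewer Filter tab exposes.
SAMPLE_CSV = """Date,Time,Source,Type,Category,Event,User,Computer
8/7/2006,08:00:01,Security,Success Audit,Logon/Logoff,540,CONTOSO\\anna,SBS01
8/7/2006,08:00:02,Security,Success Audit,Logon/Logoff,538,CONTOSO\\anna,SBS01
8/7/2006,08:01:10,Security,Failure Audit,Logon/Logoff,529,NT AUTHORITY\\SYSTEM,SBS01
8/7/2006,08:01:15,Security,Success Audit,Logon/Logoff,540,CONTOSO\\bob,SBS01
8/7/2006,08:02:30,Security,Failure Audit,Account Logon,680,NT AUTHORITY\\SYSTEM,SBS01
8/7/2006,08:03:00,Security,Success Audit,Logon/Logoff,538,CONTOSO\\bob,SBS01
"""

def load_events(text):
    """Parse exported rows into dicts; the log itself is never modified."""
    return list(csv.DictReader(io.StringIO(text)))

def filter_events(events, types=None, event_ids=None, user=None, source=None):
    """Apply Filter-tab style criteria; None means 'do not filter on this'."""
    out = []
    for e in events:
        if types is not None and e["Type"] not in types:
            continue
        if event_ids is not None and int(e["Event"]) not in event_ids:
            continue
        if user is not None and e["User"].lower() != user.lower():
            continue
        if source is not None and e["Source"].lower() != source.lower():
            continue
        out.append(e)
    return out

def noisiest_ids(events, top=3):
    """Count rows per (event ID, type) to see what dominates the view."""
    return Counter((int(e["Event"]), e["Type"]) for e in events).most_common(top)

if __name__ == "__main__":
    events = load_events(SAMPLE_CSV)
    print(noisiest_ids(events))
    # Equivalent of unchecking everything except "Failure audit".
    for e in filter_events(events, types={"Failure Audit"}):
        print(e["Date"], e["Time"], e["Event"], e["User"])
```
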


