mailing list archives
Re: [PEN-TEST] Audit package
From: Peter Rietveld <priet () CENTENNIUM NL>
Date: Wed, 27 Sep 2000 19:26:26 +0200
Several exist, low end like LogCaster, high end March Security Manager,
pricey but nice since it combines UNIX and NT support. Of course there is a
load of settings and queries to build. have built LogCaster to MS SQL, but
analyzing the logs is the difficult part. My best succes was the number of
times accounts show up in the NT logs, and relate that over a longer period.
You know, filtering out users that 'click on anything' on the screen, they
usually do that all the time. If admins know, say MS Access, using a MS SQL
is the easiest way to go.
----- Original Message -----
From: "Michael Graham" <graham_michael () HOTMAIL COM>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Wednesday, September 27, 2000 1:04 PM
Subject: [PEN-TEST] Audit package
I hope this is the right sort of question.
Does anyone know of a package/application that uses the info created in
Audit log of say NT or UNIX and enables administrators to drill down and
info about users' movements like if someone is accessing loads of
files/directories on a given day etc.
The reason I ask is this, the Audit log doles out loads of info however I
want to be able to interrogate it and apply particular search routines to
it, to get that salient info only.
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at