
EventID.Net - Troubleshooting over 10,000 Windows event log entries



Windows Event Log Monitoring – Where do I start?

The life of a Windows administrator can be quite hectic. Things are always happening, the phones ring, the emails pour in, everything is urgent and yes, the servers have to be monitored so that nothing bad happens to them at any point in time. If something does happen, everyone wants to know why it wasn’t prevented by monitoring all the vital statistics of the server and taking action before it happened.

For important servers such as domain controllers, one would ideally check the logs every 5 minutes for errors such as applications crashing or communication failures, attempts to use restricted accounts or files, password guessing, logins outside working hours and so on. The typical approach is to let things happen and react when the problem becomes visible or users start to complain (and yes, they will be in the middle of a very important project that is now being held up by these servers that have not been monitored properly). In many cases this would be true, but in all of them, money will be lost through lack of productivity or the allocation of resources to firefight these types of problems.

Firefighting

Monitoring can be a tedious, thankless job, and it is just a matter of time before it becomes neglected. For larger environments, manual monitoring is practically impossible, and the human resources required to even attempt the implementation of such a monitoring policy are prohibitively expensive. The logical solution is to outsource this task to software that can perform the monitoring and alert the human admins only when something worthy of attention happens.

There are many software packages available on the market that claim to perform Windows server monitoring. Some simply dump all the event logs in a common repository and let the administrator decide what’s important and what’s not. While this is better than nothing, it’s far from perfect. So, what would be the ideal tool? A well-designed monitoring tool would mimic the actions of a senior Windows administrator by accessing all the logs on a regular schedule (based on how important the monitored resources are), parsing the events, identifying the ones that are worth reporting and raising alarms if necessary. One such package is GFI EventsManager 2011, the latest version from an established line of network monitoring solutions. We have recently upgraded our monitoring system to EventsManager 2011 and we would like to share the pros and cons of this product.

IT News

Lenovo ThinkPad X1 Carbon Ultrabook Is Ready for Its Close-Up
16 May 2012 at 2:03pm
Lenovo's ThinkPad X1 Carbon Ultrabook officially debuted May 15, perhaps indicating that, despite jokes to the press about being the world's second-largest PC maker but having little brand-name reco...

GFI Charity Fund Participates in another Rotary Hands-On Day
Once again, the GFI Charity Fund happily joined forces with Rotary Club Malta on its fourth edition of the Rotary Hands-On Day, held on May 12, at Dar Qalb ta' Ġesù shelter for victims of dome...

Malware Poses as Rainmeter Skins on deviantART
Recently I decided to improve my desktop with a little interactivity, and started dabbling with something called Rainmeter which displays customisable and functional skins in a variety of designs. ...

GFI MAX voted “Product of the Year”
We’re pleased to announce that GFI MAX was voted “Product of the Year” at the 2012 Network Buyers Group Gala Dinner and Awards. The award was accepted on behalf of GFI by Keri Fullwood. “We’re very...

The Diablo No-No.
Diablo 3 is kind of a big deal, and now that I’ve referenced both Guild Wars and Ron Burgundy in the opening sentence I’m content to move on and talk about some of the spam you can look forward to ...

Tell Us What You Think About Faxing and Enter Our Draw!
We continuously develop technology in our products to meet our clients’ needs in the best way possible. Listening to our clients and understanding what they need is very important to us and to this...

New Twitter Spam Run Leads to Android Rogue AV
For some time, we’ve seen site URLs with the dot TK (.tk) extension being spammed by bogus accounts on Twitter to random users. One of our threat researchers in the AV Labs found these particular T...

Is Your Network Being Sniffed?
Is your network data safe? Do you know if your network traffic is being tracked and recorded by malicious third parties? Most importantly, how would you know if your network is infected and what ca...

HIPAA – IT compliance
HIPAA is the Health Insurance Portability and Accountability Act that regulates the creation and handling of personal healthcare information. If you create or handle personal healthcare information...


Recommended Book
Mastering Windows Server 2003 - Get up to speed with Windows 2003 Server - from the master himself, Mark Minasi.

Recommended Product
GFI EventsManager - Events management solution boasting the most advanced event processing and filtering rules in the industry. Improve your network administration on four fronts with GFI EventsManager: Beef up your information system and network security, use event log based analysis to monitor system health, ensure legal and regulatory compliance and easily carry out forensic investigations.
