On Thu, Apr 13, 2006 at 02:18:54PM -0400, Bliss, Aaron wrote:
> Hi everyone; Does anyone know of any tools that are designed to easily
> parse and report against syslog formatted windows event logs? The
> administrator before me implemented a centralized logging solution in
> which all member servers log to a centralized syslog server (redhat 3 es
> server); It's easy enough to use logwatch to monitor the linux servers'
> logs (again, these are all redhat servers), however I have not found
> any products (open source or otherwise) that can report against the
> windows logs. Any ideas? Thanks.

Have you checked out splunk?
http://www.splunk.com/
http://www.splunk.com/index.php/articles/pictures/235#windows

Also check out Snare for Windows -
http://www.intersectalliance.com/projects/SnareWindows/

Snare is GPL and will send the Windows event log info to a syslog server.
I haven't used it, but would like to...

.../Ed

--
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts@xxxxxxxxxx
Member #1, Red Hat Community Ambassador Program

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list