[logs] Re: Syslog and Windows

Chris Brenton cbrenton at chrisbrenton.org
Thu Jun 21 22:11:40 PDT 2007


http://www.loganalysis.org/sections/syslog/windows-to-syslog/index.html

Scroll halfway down. Kiwi seems to be the most popular but IMHO Windows
does not make the best logging platform and should be avoided unless you
are homogeneous.

HTH,
C


On Fri, 2007-06-22 at 00:35 -0400, Bill Scherr IV wrote:
> All...
> 
>    What do you suggest for sending Windows logs to syslog?
> 
> B.
> 
> On 18 Jun 2007, a message purporting to be from Chris Brenton appeared:
> 
> Subject: Re: [logs] Facility 101 (was: Syslog and facilities)
> From: Chris Brenton <cbrenton at chrisbrenton.org>
> To: loganalysis <loganalysis at loganalysis.org>
> Date sent: Mon, 18 Jun 2007 09:04:41 -0400
> 
> > The other problem is some of the facilities are a bit dated. For example
> > there is a facility for FTP (11) but not HTTP. UUCP even has its own
> > facility (8) but of course no one uses it anymore (I use it for my Windows
> > stuff. Keeps it from getting mixed in with other log entries ;-)
> > 
> 
> Bill Scherr IV, GSEC, GCIA
> Principal Security Engineer
> EWA Information and Infrastructure Technologies
> bscherr at iit-tek.com
> bscherr at ewa.com
> 703-478-7608
> 


