EventID.Net

 
 




 

By Adrian Grigorof, MCSE 

Windows NT has 3 types of logs:

Application Log - Contains events reported by the applications installed on the Windows NT server. These can be Microsoft or third-party applications.

File: %SystemRoot%\System32\Config\AppEvent.evt

Security Log - Contains all the auditing and security events. 

File: %SystemRoot%\System32\Config\SecEvent.evt

System Log - Contains events reported by Windows NT system components (processes, kernel, drivers).

File: %SystemRoot%\System32\Config\SysEvent.evt

 

Windows 2000 servers configured with Active Directory or just DNS have 3 additional logs:

Directory Service - Contains events reported by Active Directory.

File: %SystemRoot%\System32\Config\Director.evt

DNS Server - Contains events reported by Microsoft Windows 2000 DNS Server.

File: %SystemRoot%\System32\Config\DNSEvent.evt

File Replication Service - Contains events reported by Microsoft FRS Service.

File: %SystemRoot%\System32\Config\NTFrs.evt

Note: Win2K Professional cannot read any of the DNS/FRS/DS logs, unless the Admin pack is installed.

 

NT/2000 Event logs contain 5 types of events:

Information - An event that describes the successful operation of an application, driver, or service. For example, when a network driver loads successfully, an Information event will be logged.

Error - A significant problem, such as loss of data or loss of functionality. For example, if a service fails to load during startup, an error will be logged.

Warning - An event that is not necessarily significant, but may indicate a possible future problem. For example, when disk space is low, a warning will be logged.

Success Audit - An audited security access attempt that succeeds. For example, a user's successful attempt to log on to the system will be logged as a Success Audit event.

Failure Audit - An audited security access attempt that fails. For example, if a user tries to access a network drive and fails, the attempt will be logged as a Failure Audit event.
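The five event types above are stored in each record of the .evt files as a 16-bit EventType value. The following sketch is an added example, not part of the original article: it walks the records in a .evt byte stream and labels each one with its type. It assumes the EVENTLOGRECORD layout and EventType constants from the Windows SDK; parse_records and make_record are hypothetical helper names, and the sample data is constructed.

```python
import struct

# EventType values from the Windows SDK (winnt.h) for the five types listed above.
EVENT_TYPES = {0x0001: "Error", 0x0002: "Warning", 0x0004: "Information",
               0x0008: "Success Audit", 0x0010: "Failure Audit"}
SIGNATURE = 0x654C664C             # bytes "LfLe", in the file header and every record
FIXED = struct.Struct("<6I4H6I")   # fixed 56-byte part of EVENTLOGRECORD
HEADER_SIZE = 0x30                 # size of the file header that precedes the records

def parse_records(blob):
    """Return [(record_number, event_code, type_name, source), ...] from .evt bytes."""
    out, pos = [], 0
    while pos + FIXED.size <= len(blob):
        fields = FIXED.unpack_from(blob, pos)
        length, sig, recno, event_id, etype = (fields[i] for i in (0, 1, 2, 5, 6))
        if sig == SIGNATURE and length == HEADER_SIZE:
            pos += HEADER_SIZE     # skip the file header
            continue
        end = pos + length
        # A valid record carries the signature and repeats its length in its last DWORD.
        if (sig != SIGNATURE or length < FIXED.size + 4 or end > len(blob)
                or struct.unpack_from("<I", blob, end - 4)[0] != length):
            break                  # end-of-file marker or damaged data: stop
        raw = blob[pos + FIXED.size:end - 4]
        # Source name: first NUL-terminated UTF-16LE string after the fixed fields.
        stop = next((i for i in range(0, len(raw) - 1, 2) if raw[i:i + 2] == b"\0\0"), len(raw))
        out.append((recno, event_id & 0xFFFF,   # low 16 bits = code shown in Event Viewer
                    EVENT_TYPES.get(etype, "Unknown(0x%04x)" % etype),
                    raw[:stop].decode("utf-16-le", "replace")))
        pos = end
    return out

def make_record(recno, event_id, etype, source):
    """Build one constructed record (sample data only, not from a real log)."""
    body = (source + "\0").encode("utf-16-le")
    body += b"\0" * (-(FIXED.size + len(body) + 4) % 4)      # pad to DWORD boundary
    length = FIXED.size + len(body) + 4
    fixed = FIXED.pack(length, SIGNATURE, recno, 0, 0, event_id,
                       etype, 0, 0, 0, 0, 0, 0, 0, 0, 0)
    return fixed + body + struct.pack("<I", length)

# Constructed sample: file header stub plus three records.
SAMPLE = (struct.pack("<2I", HEADER_SIZE, SIGNATURE).ljust(HEADER_SIZE, b"\0")
          + make_record(1, 528, 0x0008, "Security")
          + make_record(2, 529, 0x0010, "Security")
          + make_record(3, 7000, 0x0001, "Service Control Manager"))
RECORDS = parse_records(SAMPLE)
```

The sketch stops at the first span that is not a valid record, so on a live log that has wrapped around (the files are circular) it returns only the records up to the wrap point.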

 

 


 

 

 

 

EventID.Net © 2001-2008 Altair Technologies Ltd., All rights reserved