Windows Event Logs

Application - Contains events reported by various applications installed on the Windows server. These can be Microsoft or third-party applications.
%SystemRoot%\System32\Config\AppEvent.evt
Security - Contains all the auditing and security events.
%SystemRoot%\System32\Config\SecEvent.evt
System - Contains events reported by Windows system components (processes, kernel, drivers).
%SystemRoot%\System32\Config\SysEvent.evt
Directory Service - Contains events reported by Active Directory.
%SystemRoot%\System32\Config\Director.evt
DNS Server - Contains events reported by Microsoft Windows DNS Server.
%SystemRoot%\System32\Config\DNSEvent.evt
File Replication Service - Contains events reported by Microsoft FRS Service.
%SystemRoot%\System32\Config\NTFrs.evt

Note: Win2K Professional, XP or Vista cannot read any of the DNS/FRS/DS logs, unless the Admin pack is installed.

Event Log Types

Information - An event that describes the successful operation of an application, driver, or service. For example, when a network driver loads successfully, an Information event will be logged.
Error - A significant problem, such as loss of data or loss of functionality. For example, if a service fails to load during startup, an Error event will be logged.
Warning - An event that is not necessarily significant, but may indicate a possible future problem. For example, when disk space is low, a Warning event will be logged.
Success Audit - An audited security access attempt that succeeds. For example, a user's successful attempt to log on to the system will be logged as a Success Audit event.
Failure Audit - An audited security access attempt that fails. For example, if a user tries to access a network drive and fails, the attempt will be logged as a Failure Audit event.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.
