Note: this week's tip is based on a message Bob Free posted to our HowTo for Security mailing list. Learn more about the mailing list by visiting the list FAQ.
As you know, I continually stress the need to closely monitor Windows event logs for suspicious activity. Doing so can help you spot security concerns--sometimes before they become problems. Windows doesn't offer an easy method to monitor event logs across multiple systems, but numerous third-party solutions can do so: some are standalone products, and some are part of a larger network management package. The following products are standalone event log monitoring packages. Keep in mind that the list is by no means complete, but it's a good starting point.
- Dorian Software, Event Analyst, http://www.doriansoft.com
- TNT Software, Event Log Monitor, http://www.tntsoftware.com
- Aelita Software, EventAdmin, http://www.aelita.com
- RippleTech, Logcaster, http://www.rippletech.com
- Opalis Robot, http://www.opalis.com
The following products monitor event logs as part of a larger suite of network monitoring and management tools: