logo
May 22, 2019 | Jonathan Hassell

Top 4 Security Log Events to Audit

In this day and age, any organization with security on the forefront of their list of operational concerns needs to have an audit policy. Generally, this policy defines the types of log entries that will be monitored, the frequency with which those events will be monitored, and the action plan that...
February 25, 2019 | Adam Bertram

Windows Event Log Forwarding in Windows Server 2008

I love Active Directory auditing. I love it because with just a couple clicks of the mouse I can easily create a policy that immediately gets applied to 500 servers that begins recording useful information on about everything that goes on involving those servers. What I hate about AD auditing is...
March 27, 2019 | Adam Bertram

Tracking Malicious Windows Server Events with PowerShell

Windows servers can potentially generate thousands—or even hundreds of thousands—of events daily. Most are created from perfectly safe events that system administrators use to get a glimpse of what’s going on. An event might be generated to indicate a disk is running out of free space, an...
February 25, 2019 | Adam Bertram

Easy Event Log Querying with PowerShell

If you’re using any kind of native Active Directory (AD) auditing today you probably love the information it generates in the security event log. Native AD auditing is awesome about generating loads of useful information as to what happened and when. The problem arises when you actually want to...
February 25, 2019 | Danny Murphy

How to Make Automatic User Account Reports: Netwrix Auditor vs PowerShell

This How-to will help you create automatic reports about created user accounts in domain and send them to an e-mail using PowerShell. Additionally, we will compare this auditing method with the same operation in Netwrix Auditor. Let’s get started. Test a simple filter First, we need to get a...
October 19, 2020 | Nick Cavalancia

Can You Make Sense of Your Security Logs?

The average IT Pro doesn't need to be told stories about big data - you've been inundated with log data from dozens of sources for at least a decade before the term "big data" even came to exist. The concept of wanting security log and audit trail data being meaningful is also not new. Why,...
July 6, 2020 | Nick Cavalancia

What's Getting Lost in Your Log Data?

When stories come up in the news about data breaches, if you're like me, you tend to gloss over them if they seem similar to something you've already read.  I almost did that today.  But something in this story really got my attention. There's a story this week about Neiman Marcus being hit...
April 5, 2019 | Nick Cavalancia

Death by Event Log Overload

When it comes to security, event logs are supposed to be the best friends of an IT guy managing the environment, right? Roger Grimes from InfoWorld claims that the evidence of malicious activity can be found in Event Logs. So, if companies today already have all necessary data that points...
September 1, 2020 | Chris Rich

Survey: More than half of organizations still do not use a SIEM or Log Management solution

This month, NetWrix poll results revealed a shocking fact: 57% of organizations still don’t employ any SIEM solution or log management tool. In 2011, more organizations than ever before confessed to major security breaches and experts predict the trend will continue through 2012 and beyond. With...
September 1, 2020 | Chris Rich

TechRepublic names audit logging among top 10 best practices for Windows security

TechRepublic recently produced a list of 10 best practices for Windows security. In it was mention of audit logging as a best practice to improve Windows security. They consider Windows auditing challenging because of the vast amounts of raw data that typically is produced. If too much logging...
Show more articles
...