[Samba] programmatical retrieval of windows event logs from linux
dave
ceek63 at yahoo.com
Thu Jul 20 16:56:05 GMT 2006
I was only looking at native Windows support, with no hassles of
any external agent installation:
> I am a Linux guy trying to support security monitoring for Windows devices.
> I am trying to find a programmatic way of pulling security and application logs
> from a Windows machine. Or it can be a push model where Windows can generate
> events/traps. It should all be built in to Windows with no external tool installation.
>
> Looks like there is no native built-in asynchronous event reporting from
> Windows (2000/2003/XP)?
> It can be in terms of SNMP traps as well.
>
> Given this, one can use Samba APIs (rpcclient) to periodically pull the event logs
> from Windows. Is there any better way to accomplish the same programmatically,
> using a push or pull model, to get the security and application logs on Windows from Linux?
Jeff Saxton <jeff.saxton at sensage.com> wrote:
http://www.intersectalliance.com/projects/SnareWindows/
dave wrote:
> I am a Linux guy trying to support security monitoring for Windows devices.
> I am trying to find a programmatic way of pulling security and application logs
> from a Windows machine. Or it can be a push model where Windows can generate
> events/traps. It should all be built in to Windows with no external tool installation.
>
> Looks like there is no native built-in asynchronous event reporting from
> Windows (2000/2003/XP)?
> It can be in terms of SNMP traps as well.
>
> Given this, one can use Samba APIs (rpcclient) to periodically pull the event logs
> from Windows. Is there any better way to accomplish the same programmatically,
> using a push or pull model, to get the security and application logs on Windows from Linux?
>
>
> -Dave
--
Jeff Saxton
SenSage, Inc.
55 Hawthorne Street Suite 700
San Francisco, CA 94105
Phone: 415.808.5900
Fax: 415.371.1385
Direct: 415-808-5921
Cell: 650-235-0776
mailto:support at sensage.com
Enterprise Security Analytics
SenSage, the leading provider of enterprise security analytics, offers
unparalleled performance and a scalable means for organizations to centrally
aggregate, efficiently analyze, dynamically monitor and cost-effectively
store massive volumes of event log data.