Announcement

Collapse
No announcement yet.

The most important vent ID to monitor on your DC ?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • The most important vent ID to monitor on your DC ?

    Hi All,

    I'm about to put Server Event ID / monitoring for my Domain Controllers to prevent any problem (eg. failed replication and disk failure or database corruption)

    Can anyone share here what are those error event ID please ?

    Thanks.

  • #2
    Re: The most important vent ID to monitor on your DC ?



    http://technet.microsoft.com/en-us/l.../cc180912.aspx

    Comment


    • #3
      Re: The most important vent ID to monitor on your DC ?

      There are no single "important" events to monitor -- all can be relevant and depend on your whole infrastructure

      I recommend
      (if budget permits) software such as GFI EventViewer (other products exist...) to centrally archive and report on events across your server estate

      (if you are a cheapskate ) scheduled scripts to export event logs daily to CSV, then some Excel macros to read them in and cross tab them.

      I use the latter option with a big client and get useful reports which allow me to see connections between the events and servers.
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: The most important vent ID to monitor on your DC ?

        Originally posted by Ossian View Post
        There are no single "important" events to monitor -- all can be relevant and depend on your whole infrastructure

        I recommend
        (if budget permits) software such as GFI EventViewer (other products exist...) to centrally archive and report on events across your server estate

        (if you are a cheapskate ) scheduled scripts to export event logs daily to CSV, then some Excel macros to read them in and cross tab them.

        I use the latter option with a big client and get useful reports which allow me to see connections between the events and servers.
        oh, because I already have
        Code:
        https://emite.com/emite/default.aspx
        in place, but don't know which EventID that I need to put to trigge the alarm

        Comment


        • #5
          Re: The most important vent ID to monitor on your DC ?

          Suggest you "baseline" by gathering information over a period of time then review the events you are collecting. For each one (if errror or warning) consider whether it is serious enough to warrant an alarm
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment

          Working...
          X