Announcement

Collapse
No announcement yet.

Best way to audit Server 2008 Auditing?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Best way to audit Server 2008 Auditing?

    Im figuring there is a GPO for this and I have seen a few however before I go out and just do trial and error.

    My siutation, I want to log connections logons/failures to VIA RDP and I want to make sure to log the Source IP in the event viewer.

    If it were possible Id like for it to dump to an independent event viewer file

    Anyone have any idea or links for the best way to do this? I want to make sure this is effective to all servers.

    Thanks

  • #2
    Re: Best way to audit Server 2008 Auditing?

    You can use Quest inTrust for central logging. However, as event doesnt offer the Source IP as I remember, so you will need to use the build in firewall for this option.
    Another option to force users to use web inteface and then you can review the IIS logs for source IP..
    Best Regards,

    Yuval Sinay

    LinkedIn: https://www.linkedin.com/in/yuval14, Blog: http://blogs.microsoft.co.il/blogs/yuval14

    Comment

    Working...
    X