Cool Auditing Tricks in Vista and 2008

re: Cool Auditing Tricks in Vista and 2008

NedPyle [MSFT] — Mon, 14 Apr 2008 18:34:12 GMT

Hi,

Not sure I understand your question (statement)? Can you tell me more specifically about what you're seeing and I can offer some solutions.

- Ned

WinRM generates a lot of useless events on a target machine

bioform — Mon, 14 Apr 2008 18:24:56 GMT

Each time when WinRM receives events from target machine it generates few events in the target machine Security log. So after one week Security log goes full.

It's a crap :(

Auditing Elevation on Windows Vista

Evolving the Software Organism — Wed, 19 Mar 2008 21:17:06 GMT

A little while ago, I was investigating the customer experience data on elevations which we use to identify

Windows Server 2008 – AD Auditing Enhancements

eXtreme. cool technology. live life on the edge. — Fri, 30 Nov 2007 20:41:37 GMT

I hope this post will act as a good reference point to be able to quickly understand the good and bad

Fine-grained auditing tricks with Vista and Server 2008

Aaron Tiensivu's Blog — Sat, 17 Nov 2007 23:52:31 GMT

Not only is there fine-grained password control, there is also enhanced auditing. Vista and 2008 now support granular auditing, meaning that instead of a couple large categories you can specify very specific elements to be audited. The advantage here