Friday, June 11, 2010

Optimal Security Logging Strategies

If you're a Windows admin, you know what a security log is, and if you're a good Windows admin, you know how important it is to keep your security log optimal.

By keeping the log optimal, I mean two things: ensuring that only the minimal essential set of security events is logged in your security log, and having a strategy in place that lets you archive all your log events before the log rolls over.

Then there are other essentials, such as collecting and collating security event logs from all your domain controllers into a single database so you can get a complete view of what's really happening in your domain.

In this blog, I intend to share optimal logging strategies and other relevant aspects of security logging that could help you improve your security logging strategies as well.