Security Audit Events for Windows 2008 and Windows Vista

 

I field numerous questions from Clients regarding Security Audit Event values when configuring Security Settings and SC Operations Manager 2007 Monitors and Rules.  Finally, a single Worksheet has been generated by Microsoft which begins to document Security Audit Events instead of referencing 3 or 5 'Security Guides' that partially reference specific Audit Event values. 

Several observations regarding this Security Audit Event Worksheet are appealing.  Specifically, the ability to use the Excel Worksheet 'Data Filter' capability to isolate a single Event ID by Number.  Also, when writing detailing SCOM2k7 Monitors we can focus on generating a legible Event Description detail.   If you have not seen the complete listing of Windows 2008 Materials from Microsoft Press you will find a searchable list here.

Security Audit Events for Windows 2008 and Windows Vista

      

The Security Audit Event Worksheet displays Events by Category, Sub-Category, Event ID, Message Summary and Minimum Operating System.

      

The 'Complete Event Message' Tab details reference detail useful when generating SCOM2k7 Monitors.

 

 

Lynn Lunik
Chief Security Architect
IT Pro Secure Corporation
blog@itprosecure.com

Blog Tags: Amazon Web Services, Forefront Client SecurityForefront Endpoint Protection 2010, Hyper-VVirtual PC 2007,  SCOM2k7, SQL2k8, Windows 7Windows 2008Exchange 2007, Exchange 2010Failover Clustering – ITPS, Failover Clustering – LL

   

      

1 Comment(s) 11:40 - Dec 16, 2008



Trackbacks

No Trackbacks

Comments

No Comments