If ever there was a perfect example of the "needle in the haystack" syndrome, it's the Windows Security Log. In order to get the important audit events you need, you also have to deal with a deluge of unimportant, useless noise events. Windows audit policy just isn't flexible or granular enough to configure the noise out of the security log. You have to filter the noise events after the fact. But what events are noise that you can safely discard and what is real audit data you don't want to lose?
In this webinar I will answer those questions. You will take away a list of "noise" events that you can then implement in your respective log management processes. This is much more than a list of simple event IDs; unfortunately, very few event IDs are always noise. More often it's a matter of filtering out events that match a certain event ID and also contain other information in the description of the event.
Join me for this webinar and you'll learn over event patterns you can use to greatly reduce the number of events you need to review in the security log. You'll also get a chance to learn about Trigeo's log management solution and how they approach this and other challenges with log management and monitoring.
To make this webinar possible your registration data will be shared with our sponsor.
Don’t miss this valuable training. Even if you can’t make the live event, register now.
Registering now is the only way to watch the recorded version.
Date: Thursday, December 13, 2007
Thanks as always for reading and best wishes on security,
Randy Franklin Smith
Here are some coupon codes you can use! They expire in 7 days though, so don't let this opportunity pass you by.
Edition Coupon code Savings
Bronze QRB $10
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk.