A number of methods exist for monitoring events written to the security Event log. These methods range from reading the events manually by using the Event Viewer to using powerful automated event-consolidating and event-monitoring software such as Microsoft Operations Manager. Each method serves a specific purpose; you need to select a method that is most appropriate for your environment and particular situation. These are the four primary methods for monitoring events:
Fully automated tools, such as Microsoft Operations Manager
The discussion of fully automated event-monitoring tools is outside the scope of this book. This section covers the other three methods.