Auditing Server Applications and Services
Server applications and services may post events to the Application and System log or to special log files specific to them. Although much of this information may be more helpful for troubleshooting network, OS, or application operation, rather than auditing, some security-specific data may be present, especially if the application or service is configured to do so. A good rule of thumb is to expect that some configuration may need to be done in order to produce audit information and take a good look at documentation and administration tools. Fortunately, Microsoft and others are cognizant of audit requirements and are building opportunities for event collection as well as providing more documentation ...
Get Windows Server 2003 Security: A Technical Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
