security information and event management

Tag: security information and event management

Log Analysis Tools Review: Syslog, Filtering the Most Relevant Events

Who has spent more than a weekend going almost blind because something in your didn’t work as it should, and it produced, hopefully, thousands of lines of error messages, almost all…

Balancing Stability and Agility

“The price of reliability is the pursuit of the utmost simplicity.” C.A.R. Hoare, Turing Award lecture. Software and computers in general are inherently dynamic and not of a state…

Windows Workstation Logs – Integration

In the final blog of this series, we’ll look at ways to integrate Windows event logs with other telemetry sources to provide a complete picture of a network environment. The…

Microsoft Workstation Logs – Configuration

Over the last three posts, we’ve looked at Microsoft event logging use cases and identified a set of must-have event IDs. Now we’re ready to put our security policy in…

Windows Workstation Logs – Increasing Visibility

Anyone who has looked at the number of event IDs assigned to Windows events has probably felt overwhelmed. In the last blog, we looked at some best-practice events that…

Microsoft Workstation Logs – Focus on What’s Important

Can you have too much of a good thing? Maybe not, but you can certainly have too much of the wrong thing. In my first blog, I introduced the idea…