Getting useful reports out of a linux server is pretty simple. Dig
around in /var/log to find the right one, give it a sprinkling of
perl, and out pops a nice useful report on just about anything you
want.
I can't figure out how to do similar on SBS2008. I can see great
swathes of information in Event Viewer, but very little of it seems to
be useful. When I tried to export the information to a CSV so that I
could try to sort/filter it, the final column, which I assume would
have had most of the information in, mostly contained just "A" or "An"
The thing I'm most interested in at the moment is logins to RWW, RDP
and desktops logging on to the domain, ESPECIALLY failed attempts. Is
there anything obvious I'm missing here, any tool that would be useful?
|
Similar Threads
Linear Mode
