Question : Monitor the local administrator account activities on the windows servers

Auditor recommended our company to monitor the local administrator account activities on the windows servers. I want to know where I can get relevant information (such as log or something) and how to get them with Perl.

Thanks in advance

Answer : Monitor the local administrator account activities on the windows servers

in the scope of Windows (OS level), you may configure Windows to audit OS level activities including logon events, account management, policy change, privilege use, system events and more.

Which Versions of Windows Support Advanced Audit Policy Configuration?
http://technet.microsoft.com/en-us/library/dd692792%28WS.10%29.aspx

Advanced Security Audit Policy Settings
http://technet.microsoft.com/en-us/library/dd772712%28WS.10%29.aspx

however, please be aware that the above mentioned is for the scope of OS level audit, which does not include applications audit, hardware changes, network changes and etc. these extra audits need to be enabled individually if it is possible and applicable. for example, server memory adjustment can be audited if the server's audit is enable (normally can't record who does that), SQL audit must be configured with SQL Enterprise Manager, not from Windows.

hope it helps,
bbao

Random Solutions

How to get Dell poweredge 2970 to recognize hard drives?

Copy database wizard and have this as schedule

Fox 9 and PDF Files

is Kotel part of temple ?

Implementing optional parameters in a function - C#

All I want is to read the entire schema

PHP MYSQL insert multiple records

Pegasus Mail - help sending mail