Network Systems' Monitoring

What’s the best way to monitor & diagnose issues on a system-by-system basis throughout a domain of computers?

I’ve attempted Event Forwarding, with monthly exports to CSV format for examination within Excel.

Event Logs

Is this ideal on a network of 40 PCs??

1 Like

I recommend that you get something like https://www.splunk.com/ or https://www.graylog.org/ (free / open source) to monitor your logs.

What you have set up is pretty good considering it’s done in a spreadsheet. If you stick with a spreadsheet like you’re doing now you should have a dedicated graph for security events like failed logins.

Also, setting up notifications for failed notifications would be useful too (thinking of Twilio or Mailgun).

1 Like
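An added example, not part of the original posts: one way to pull failed-login bursts out of a CSV export of forwarded events instead of eyeballing them in a spreadsheet. The column names (`TimeCreated`, `Id`, `MachineName`), the host names and the sample rows are assumptions constructed for illustration; event ID 4625 is the Windows Security event for a failed logon.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED_LOGON_ID = "4625"  # Windows Security log: "An account failed to log on"

# Constructed sample export. Column layout is an assumption, not from the thread.
SAMPLE_CSV = """TimeCreated,Id,MachineName
2024-03-04T08:01:12,4624,PC-07.corp.example
2024-03-04T08:03:40,4625,PC-07.corp.example
2024-03-04T09:57:10,4625,PC-12.corp.example
2024-03-04T09:58:02,4625,pc-12.corp.example
2024-03-04T09:58:40,4625,PC-12.corp.example
2024-03-04T09:59:30,4625,PC-12.corp.example
2024-03-04T10:00:15,4625,PC-12.corp.example
2024-03-04T10:01:05,4625,PC-12.corp.example
2024-03-04T10:02:00,4624,PC-12.corp.example
2024-03-04T14:20:00,4625,PC-07.corp.example
"""

def burst_hosts(csv_text, threshold=5, window_minutes=10):
    """Return {host: peak count} for hosts with at least `threshold`
    failed logons inside any sliding window of `window_minutes`."""
    window = timedelta(minutes=window_minutes)
    events = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Id"].strip() != FAILED_LOGON_ID:
            continue
        host = row["MachineName"].strip().lower()  # forwarded names vary in case
        events[host].append(datetime.fromisoformat(row["TimeCreated"].strip()))
    flagged = {}
    for host, times in events.items():
        times.sort()
        recent, peak = deque(), 0
        for t in times:
            recent.append(t)
            while t - recent[0] > window:  # drop events older than the window
                recent.popleft()
            peak = max(peak, len(recent))
        if peak >= threshold:
            flagged[host] = peak
    return flagged

if __name__ == "__main__":
    for host, peak in sorted(burst_hosts(SAMPLE_CSV).items()):
        print(f"ALERT {host}: {peak} failed logons within 10 minutes")
```

A sliding window is used rather than per-hour totals so that a burst straddling an hour boundary, as in the sample rows, is still counted as one burst.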

Thanks. I’ll give it a try.
Is there a section of the training that covers this topic?

1 Like

At this time we don’t have any logging modules.

Good day,

Just adding two cents into this request. There are a couple of other open source log monitoring tools such as Snort. As Paul mentioned, Splunk is a great option and now also provides trial periods on Cloud and up to 500 MB per day of logs for free.

Thanks!