-
May 7th, 2005, 08:27 PM
#1
Junior Member
LOG FILES
Hello
I need some help understanding log files. I understand the basics like utmp, wtmp, and lastlog on ftp servers. But what about telnet, http, netbios, and other protocols that may log activities, where do they store the logs, etc.? Like what other protocols that I didn't mention also log activities? And also *nix type computers log using wtmp, utmp, and lastlog. But what about Windows?
-
May 7th, 2005, 10:08 PM
#2
Windows stores a lot of information in the Event Log. Check out the event viewer in Control Panel/Administrative Tools. There are System and Application messages there. Also check out the program directories as some programs tend to store data in their local directory using a flat log file.
For *nix look at syslog (http://userpages.umbc.edu/~jack/ifsm498d/syslog.html). Many applications take advantage of the syslog daemon to do their logging. The nice thing about syslog is that logging can be done remotely. So all routers, servers, etc. can be set up to use the syslog daemon on a dedicated logging machine. All your logging is automagically consolidated and network-wide data can be gathered.
Hope this helps a bit.
"When you say best friends, it means friends forever" Brand New
"Best friends means I pulled the trigger
Best friends means you get what you deserve" Taking Back Sunday
Visit alastairgrant.ca
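What a dedicated logging machine does with the messages it receives, as an added example that is not part of the original posts: it decodes classic BSD-format (RFC 3164) syslog datagrams, groups them by reporting host, and pulls one network-wide view of authentication events. The sample datagrams, host names and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Facility and severity names by numeric code, as listed in RFC 3164.
FACILITIES = ("kern user mail daemon auth syslog lpr news uucp cron authpriv "
              "ftp ntp audit alert clock local0 local1 local2 local3 local4 "
              "local5 local6 local7").split()
SEVERITIES = "emerg alert crit err warning notice info debug".split()

# Layout: <PRI>Mmm dd hh:mm:ss host tag[pid]: message
LINE = re.compile(r"^<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
                  r"(\S+) ([^:\[\s]+)(?:\[(\d+)\])?: ?(.*)$")

def parse(datagram):
    """Decode one syslog datagram; return None if it is not well formed."""
    m = LINE.match(datagram.decode("utf-8", "replace").rstrip("\r\n"))
    if not m or int(m.group(1)) > 191:  # PRI = facility * 8 + severity
        return None
    pri = int(m.group(1))
    return {"facility": FACILITIES[pri >> 3], "severity": SEVERITIES[pri & 7],
            "time": m.group(2), "host": m.group(3), "tag": m.group(4),
            "pid": m.group(5), "msg": m.group(6)}

def consolidate(datagrams):
    """Group parsed events by reporting host and count rejected datagrams."""
    by_host, rejected = defaultdict(list), 0
    for d in datagrams:
        event = parse(d)
        if event is None:
            rejected += 1
        else:
            # The host field is whatever the sender wrote; plain UDP syslog
            # does not authenticate it.
            by_host[event["host"]].append(event)
    return dict(by_host), rejected

def auth_events(by_host):
    """Network-wide view: every auth/authpriv event across all hosts."""
    return [(h, e["tag"], e["msg"]) for h, evs in sorted(by_host.items())
            for e in evs if e["facility"] in ("auth", "authpriv")]

# Constructed sample datagrams (hosts, users and addresses are made up).
SAMPLE = [
    b"<38>May  7 22:08:01 fw1 sshd[412]: Failed password for root from 192.0.2.10",
    b"<86>May  7 22:08:03 web1 login[2001]: session opened for user alice",
    b"<11>May  7 22:08:05 web1 httpd: disk quota exceeded",
    b"<189>May  7 22:08:09 rtr1 %LINK-5-CHANGED: Interface up",
    b"garbage without a priority field",
    b"<999>May  7 22:08:10 web1 x: priority out of range",
]
```

Calling `consolidate(SAMPLE)` and passing the resulting per-host dictionary to `auth_events` gives the cross-host authentication view; malformed datagrams are counted rather than silently dropped, so a noisy or misconfigured sender stays visible.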
-
May 7th, 2005, 10:18 PM
#3
Junior Member
thanx
Hi
Yeah man, thanks a lot, it really helped.
Does the event log store information on, like, NetBIOS, etc.?
-
May 7th, 2005, 11:38 PM
#4
I've never really played around with the event log much. I know it does store some information, like if there is a duplicate network name. But it is mostly technical, behind-the-scenes stuff. It would be nice if you could store share accesses and file manipulations. Has anyone tried logging this using the event log?
-
May 8th, 2005, 07:14 PM
#5
http and ftp logs are in C:\WINNT<or windows>\system32\Logfiles
telnet logging is not turned on by default. When enabled a file must be created/named anywhere on the local computer.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
May 8th, 2005, 09:01 PM
#6
Junior Member
-
May 10th, 2005, 06:20 AM
#7
Junior Member
Syslog Daemon
How can you find out if the network (*nix) is using a Syslog Daemon? Are there ways of enumerating that information?