





Author FA: Windows NT Event Logging (mcse)
initech

2002-10-31, 9:24 pm

http://members.ebay.com/aboutme/jbinfl/

Windows NT Event Logging by James D. Murray, Debby Russell (Editor). Like
new!!! Lists for $33.00. Buyer to pay $3.00 for domestic shipping and
handling. PAYPAL ONLY (no exceptions - no eChecks)!!! Payment expected
within 3 days of auction end. NO OUT-OF-USA SALES!!! Good Luck!

Feedback Policy: I place feedback at the end of the transaction. This means
that if the highest bidder receives the item & is happy with it, he places
his feedback first and I will return the favor. Communication is key!

Format: Paperback, 295pp.
ISBN: 1565925149.
Publisher: O'Reilly & Associates, Inc.
Pub. Date: September 1998.

Event logging is a facility used by computer systems to record the
occurrence of significant events. An "event" is any change that occurs in a
system -- for example, a user logon, an addition to a file, or a change to a
user's privileges. Because a computer system may experience hundreds or
thousands of events each second, it is important to distinguish which events
require the immediate attention of a system administrator, which should be
recorded as entries in the system's event log for later analysis, and which
can be safely ignored.

Event logs provide a centralized collection point for all kinds of error
reports, system alerts, diagnostic messages, and status messages generated
by a system. This book describes the characteristics of these messages, why
they are important, and how you can access them and act upon them. Event
logs are particularly important to system security and problem
troubleshooting.

Windows NT systems generate three distinct types of event logs:

  Security log. Stores reports of security-related events -- for example, a
  user has written to a file or there has been a change in a user's
  privileges.

  System log. Stores reports generated by system components, including
  drivers and services -- for example, a device failed, a driver failed to
  load, or a memory allocation or I/O error occurred.

  Application log. Stores reports on all other events -- for example, an
  internal application error (such as a failure to allocate memory)
  occurred, or a file download aborted.

This book is aimed at several specific audiences:

  For system administrators, event logging is a tool for analyzing system
  and user activities and performance and for troubleshooting system
  problems. For this audience, the book explains how to view and maintain
  the event logs via the system's Event Viewer and how to interpret the
  results.

  For programmers, event logging helps in diagnosing system or network
  problems. For this audience, the book describes the event logging API
  (Application Programming Interface) and the internals of the system's
  message files. It also provides instructions for and examples of accessing
  (reading, backing up, clearing, monitoring, and writing to) the event logs
  from C, Visual Basic 5, Perl 5 for Win32, Visual J++, and a C++ class for
  MFC (Microsoft Foundation Classes).

  For security administrators, event logging is an important tool in
  auditing security-related events and tracking down the source of security
  breaches. For this audience, the book provides help in specifying the
  events to be audited and in analyzing auditing results; it also discusses
  the security auditing requirements imposed on a C2-level secure system
  (one approved by the U.S. government's National Computer Security Center).

The book comes with a CD-ROM containing examples from the book and many
contributed event logging and auditing software packages.

A brief table of contents follows:

  Preface
  1. About Event Logging
  2. The Event Logging Service
  3. Event Viewer
  4. Windows NT Security Auditing
  5. The Event Logging API
  6. Message Files
  7. Accessing the Event Logs
  8. Reporting Events
  A. References and Resources
  B. Event Logging under Windows for Workgroups
  C. NT Security Auditing Events
  D. DumpEl: Event Logging Dump Utility
  E. Kernel-mode Event Logging
  F. What's on the CD-ROM?



Copyright 2003 - 2008 examnotes.net