W2K CyberSafe Event Log Analyzer

W2K Server Resource Kit includes CyberSafe Log Analyst (CLA) which is a
Microsoft Management Console (MMC) snap-in that lets you analyze the Security
logs of the systems in your domain. CLA has prebuilt reports that provide useful
views of security activity, but you can design custom reports. To install CLA,
run \apps\loganalyst\setup.exe on the CD-ROM. This
creates a shortcut in Administrative Tools.

Using CLA is a three-step process.

  • Tell CLA which event logs to analyze. To test CLA, copy the local system’s
    current event log by right-clicking Logs to be Analyzed
    and selecting Cut Live Local Event Log. To run reports
    on the merged activity of multiple systems, use Event Viewer to save each
    system’s event log to an .evt file. After saving the logs, add them to CLA by
    selecting Add Event Log File from the Logs to be Analyzed context menu.
  • To import selected logs into CLA’s native format, select Analyze from the Logs to be Analyzed context menu.
  • Select and generate the desired report from the Report Templates folder.
CLA generates sophisticated reports which gives an enterprise view of
activity. Not bad for one of many utilities in the resource kit.

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top