Windows NT Security Event Log Analysis Tool


Reviewing event logs is one of the most important of the tasks and one of the
most ignored. NT Objectives’ NTLast is a utility needed
in any Windows NT administrators tool box. NTLast is a command-line tool that
searches local and remote NT security event logs to display entries in an
easy-to-read onscreen report. NTLast can open and review archived event logs and
pipe output to a text file. For IIS admins, NTLast can distinguish between local
console logons and remote network logons and can filter and display Microsoft
Internet Information Server (IIS) logons.

NTLast supports a wide variety of command-line switches, for example, -f
tells NTLast to display all failed logon attempts in the security event logs.
Check it out : NTLast

Frank Heyne has made available a Windows NT
Eventlog FAQ
.

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top