Hi
I have recently purchased Kiwi Syslog server and using Solarwinds log forwarder for windows to send our windows server logs over to the syslog server.
Does anyone have any recommendations on the event subscriptions you should set up to be forwarded and what would be the most useful? I just want to cover all basis really, such as log on and off events, application installs/uninstalls, changes ETC. Just looking for a steer in the right direction for best practise should we ever need to go through the logs.
Thanks!
3 Spice ups
randy1699
(AR-Beekeeper)
2
I would think you would want to log all events in case of an issue - user, software or mechanical
dbeato
(dbeato)
3
Everything should be logged, such as when the time presents you can look at everything instead of I don’t have that or that was not included.
