Domain Controllers Security Logs Archival and Collection

Shahid Roofi

We want to centralize all security logs from all 8 DCs. These logs grow rapidly, so we need to change the location to the D or E drive and then set the Auto Archive settings (otherwise the C drive will be filled up in hours).

The next challenge is to collect all of these, compress them, and put them on one machine.

Option 1: use scripts that copy all the archive files created on the DCs, paste them on a file share, and delete the originals.

Option 2: use the event collection/subscription feature.

The failure of either approach will cause the D drive on the DC to fill up easily, and then the DC will be in an abnormal state.

What is the common solution for this (apart from third-party products)?

Ideally we need all security events from all DCs.


Shahid Roofi
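
A sketch of Option 1 as a scheduled task on each DC, added here as an example and not part of the original post: it deletes an archive from the DC only after the copy on the share has been hash-verified, and reports low free space so a stalled job is noticed before the drive fills. The folder `D:\SecurityLogs`, the share `\\LOGSRV01\DCSecLogs$` and the 20% threshold are assumptions.

```powershell
# Added example: paths, share name and threshold are assumptions, not values from the post.
param(
    [string]$ArchiveDir     = 'D:\SecurityLogs',        # assumed relocated Security log folder
    [string]$ShareRoot      = '\\LOGSRV01\DCSecLogs$',  # hypothetical central file share
    [int]   $MinFreePercent = 20                        # warn below this much free space
)
$ErrorActionPreference = 'Stop'
$failed = 0

# One folder per DC on the share, so archives from the 8 DCs never collide.
$dest = Join-Path $ShareRoot $env:COMPUTERNAME
New-Item -ItemType Directory -Path $dest -Force | Out-Null

# Only auto-archived files (Archive-Security-<timestamp>.evtx) are handled;
# the live Security.evtx is left alone.
$archives = Get-ChildItem -Path $ArchiveDir -Filter 'Archive-Security-*.evtx' -File |
    Sort-Object LastWriteTime

foreach ($file in $archives) {
    $final   = Join-Path $dest $file.Name
    $partial = "$final.partial"
    try {
        $srcHash = (Get-FileHash -Path $file.FullName -Algorithm SHA256).Hash
        Copy-Item -Path $file.FullName -Destination $partial -Force
        $dstHash = (Get-FileHash -Path $partial -Algorithm SHA256).Hash
        if ($srcHash -ne $dstHash) { throw "Hash mismatch for $($file.Name)" }

        # Publish the verified copy, then (and only then) free space on the DC.
        Move-Item -Path $partial -Destination $final -Force
        Remove-Item -Path $file.FullName
    }
    catch {
        $failed++
        Write-Warning "Kept $($file.FullName) on the DC: $_"
        Remove-Item -Path $partial -ErrorAction SilentlyContinue
    }
}

# Report low disk space even when every copy succeeded.
$disk = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='$(Split-Path $ArchiveDir -Qualifier)'"
$freePercent = [math]::Round(100 * $disk.FreeSpace / $disk.Size, 1)
if ($freePercent -lt $MinFreePercent) {
    Write-Warning "$env:COMPUTERNAME log drive has $freePercent% free"
    $failed++
}
exit $failed   # non-zero exit marks the scheduled task run as failed
```

Compression is left to the collecting machine here, which keeps CPU and disk work off the DCs.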
