Good List of Regulatory Requirements for Logging

  • 發行項

My friend Dr. Tina Bird has put together a good list of regulatory requirements that pertain to logging and log retention.

Comments

  • Anonymous
    July 23, 2007
    Sorry, this is unrelated and depends on technical support. I want to know if you could link in a future post to event logging support resources (newsgroup, faqs etc..). I'm encountering system event log corruption and I want to obtain help, information and support for it. Regards,

  • Anonymous
    July 23, 2007
    Hey Sebastian, I have a post on my sources here: http://blogs.msdn.com/ericfitz/archive/2007/02/06/where-do-i-get-my-information-on-windows-auditing.aspx But our main support page is here: http://support.microsoft.com/ The main support page has links to our faqs, knowledge base, and our communities site, which in turn has our newsgroups, etc. Best regards, Eric

  • Anonymous
    July 24, 2007
    Thanks for those. I read them already but haven't found any topics regarding log's integrity. I keep on searching.

  • Anonymous
    July 24, 2007
    Here you go: http://support.microsoft.com/kb/172156 There are a couple of bugs that resulted in an erroneous corrupt event log file message; you can find these in the Knowledge Base, but they are older issues on Windows 2000 and Windows XP and if you're running recent service packs then those are probably not your problem. The event log team does not publish the evt file format specification so there is not much else you can do except delete the log files (or move them elsewhere).  You could examine them with a hex editor I suppose, but since they're in a binary format they're not very readable.