event ID 537 & 577
Im a busy Network Admin. I need a quick way to check & resolve security log event IDs. How do I know which event IDs are truly critical & need further investigation. I need a quick resolution for issues listed. Id like a list of event IDs to watch in priority of importance, a possible solution, a list of ones not to be concerned about & why I shouldnt be concerned. Id like one or two page printout that I could hang on the wall as a reference. By the way I've seen some 537 & 577 security event ID's on my servers (w2k & 2003 servers)Right now just looking for general guide oranything else that might be helpful. Thank you
March 4th, 2009 9:19pm

hi there,to answer your question , every microsoft service is related with WMI events, which means you code the service and you write the equivalent WMI event code to register in Event viewer, also as a developer you decide which events to log microsoft has provided an event viewer with 3 different sub sections which are major and your service would log the relevant events to them.you can also code your application to log an event in the event viewer , again it depends on what you want to log.so most important event are the one which are in error state . They are caused because of some function or logged because of some undesired event.so you need to take care of warning and error . But some warning can be ignore when functionality is working.With respect to security you need to take care of failure audits, and please make sure that you need to read relevant ccause of the failures.So events which are failure state and warning state need to be taken care.sainath Windows Driver Development
Free Windows Admin Tool Kit Click here and download it now
March 5th, 2009 8:55am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics