|
Contents
Introduction
Why GFI LANguard S.E.L.M.
Features
How does GFI LANguard S.E.L.M. work?
Installation
GFI LANguard S.E.L.M. System requirements
Installing GFI LANguard S.E.L.M.
Installing Microsoft Data Engine (MSDE)
Configuring event logging/auditing
Introduction to event logging & auditing
Enabling auditing automatically via LANguard S.E.L.M
Enabling auditing on multiple machines using a GPO
Configuring LANguard S.E.L.M
Introduction to the configuration
Computers to monitor
Alerting options
General
Event analysis options
Database maintenance options
The LANguard S.E.L.M. monitor
Introduction
Operational Status
Operational history
Important Security Events
Activity View
Running the monitor remotely
Viewing events
Introduction to the GFI LANguard S.E.L.M. event viewer
Using the GFI LANguard S.E.L.M. event viewer
Switching between the main and backup database
Search and Filter functions
Tutorial: Creating a custom filter of failed logon attempts for a particular user
Viewing Security Event Reports
Introduction
Using the GFI LANguard S.E.L.M. Reporter
Creating reports
Generating reports
Switching between the main and backup database
Standard reports
Tutorial: Creating a custom report on accounts being locked out
Creating all purpose (custom) rules
Introduction
Creating a custom rule
Enable/Disable a rule
Security event categorization
Introduction
Extending/editing the security rule table
Security Events Glossary
Introduction
Appendix
Installing the Message Queuing services (MSMQ) on Windows 2000
Creating a dedicated user account
Enabling auditing on a single Windows 2000 machine
Enabling auditing on a Windows NT machine
| 
