Michael,

There are a variety of freeware utilities you could
use, as well as commercial.

Here're a couple of options I'd recommend:

1. Automate all of it with Perl. ActiveState's Perl
is free, as is the Win32::Lanman module. Easy to do,
and code for all of this is available. Check out
http://patriot.net/~carvdawg/perl.html.

2. Combine the RK's auditpol utility w/ SysInternals
psloglist. Automate this all w/ Perl.

3. Enable all of the auditing you'd like, then
install a freeware syslog client (BackLog, etc) on
each one. Get Kiwi-Enterprise's NT Syslog server to
collect all of the EventLogs in a single location.

4. NTLast from FoundStone is an excellent tool for
retrieving just login information.

As a side note, I'd also suggest turning on other
settings in the EventLog as well. If you intend to do
so, or if you do not intend to collect the entries on
a regular basis, I'd also suggest increasing the size
of the EventLog files, as well as preventing Guest
access to the App and Sys EventLogs.

--- Michael Fanara <michael.fanarayale.edu> wrote:
> The list,
>
> Are there any 3rd party utilities out there that
> would allow me to track
> logins - who, when, how many times since x days ago,
> etc.? I know I could
> turn on auditing and read the security logs, but I
> need to do this for about
> 250 NT4.0 machines, spread out, in an NT4.0 domain.
> Is there an enterprise
> solution? Is there anyone else out there doing the
> same thing?
>
> Thnx for your time.
>
> Mike Fanara
> Network Administrator
> Office of Facilities
> Yale University
> michael.fanarayale.edu
> 203-432-4719 w
> 203-432-8881 f
> 203-627-1773 c
>
>

__________________________________________________
Do You Yahoo!?
Find the one for you at Yahoo! Personals
http://personals.yahoo.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]