Windows Events Centralization

Syslog

Event centralization is a must-have in your security policy. Keeping your logs in a central place has many advantages:

  • Reduced resource usage on the source device (mostly disk)
  • No need to take care of local logs: logs contain critical data and must be secured.
  • If a host is compromised, the logs are still available (hackers don’t like to leave traces of their actions and try to delete as much of the logs as possible)
  • Centralized logs can be post-processed for further analysis (log normalization and correlation).
