Wei H Lim (MSFT) a publié une série de billets présentant comment utiliser l’Operations Management Suite (OMS) afin d’exploiter les informations des journaux de sécurité. On retrouve notamment :
- Leveraging OMS Log Search to Identify Potential Access Violation Activities
- Leveraging OMS Log Search to Help Planning and Tuning of Audit Policies
- Leveraging OMS Log Search to Analyze Security Events for a Specific Computer/User/EventID
- Leveraging OMS Log Search to Capture Audit Failures and Audit Log Tampering
- Leveraging OMS Log Search to Track Policy and Permission Changes
- Leveraging OMS Log Search to Report on User Logon and Object Access Events
- Leveraging OMS Log Search to Report on Dynamic Access Control Usage
- Leveraging OMS Log Search for Account Management and Audit Reporting
