Windows – Sys Admin Dashboards

Description

I use these dashboards to troubleshoot Windows issues and if no "customer" issues are present I can dig through the event logs and find issues that are not causing work stoppages (yet) and try to fix them ahead of time.

Project Details

Current Version

1.0.0

Last Release Date

2016-08-29

Owner

Eric

License

GPL

Compatible With

Nagios Log Server

Project Files

File	Description
+Windows_Reliability_Rating-1472509625169	Windows Reliability Rating
_Application_Crashes-1472509553030	Application Crashes
_Software_And_Services-1472509454874	Software and Services Logs
_System_Service_Failure-1472509421559	System Services Failures
_Windows_Update_Errors-1472509385102	Windows Update Errors

Project Notes

==========================================
Windows Auditpol/EventLogs:

The custom audit policy I used to gather my log data are based off of Randy Franklin Smith's webpage:

(https://www.ultimatewindowssecurity.com/wiki/WindowsSecuritySettings/Recommended-Baseline-Audit-Policy-for-Windows-Server-2008)

Mr. Smith's list edits the auditpol to specifically reduce "loud" MS Window logs which send too much data while not providing much value for the average Tech.

=====================================
Dashboards:(some dashboards should NOT have any events if a computer has no issues, you can test this by extending the dashboard to 30+ days to find alerts)

The dashboards are based off of "Spotting-the-adversary-with-windows-event-log-monitoring":

https://www.iad.gov/iad/library/ia-guidance/security-configuration/applications/spotting-the-adversary-with-windows-event-log-monitoring.cfm

Please verify that you are getting "Good" data before fully trusting any dashboard. I'm not a MS Windows Pro but if YOU ARE, I'm happy to make corrections to the above dashboards.

User Reviews (1)

August 31, 2016

EXCELLENT DASHBOARDS!

by: benhankerson

thank YOU FOR THIS MAN! AWESOME JOB! PLEASE KEEP THEM COMING!

Add a Review

You must be logged in to submit a review.