We got several reports recently of a bug in ACS that certain DS Access events, primarily for dnsNode and dnsZone objects, don't properly get looked up. Some background: the event log in Windows prefers to log invariants such as message IDs, parameter message IDs, SIDs (security IDs which represent...

There's one topic that I know is on everyone's mind- no, not American Idol - it's "What's new in Auditing in Windows Server 2008?" Well, funny that you brought that up. My friend Jesper Johanssen just wrote a new book, the Windows Server 2008 Security Resource Kit , and he invited me to write a chapter...

Well there has been a lot happening on my old project, ACS (Audit Collection Services, a feature of SystemCenter Operations Manager 2007 ). Two more of our partners, Enterprise Certified and NetPro , have released compliance solutions on top of ACS. Another of our partners with ACS-based compliance...

A German court has ruled that a government web site may not retain IP addresses and other personally identifiable information (PII) in their logs for any longer than the user is actually using the site. The judges pointed out that in many cases it was simple to map an IP address to an identity with...

As I wrote about earlier, TorrentSpy, a file-sharing search engine, was ordered by a U.S. magistrate to enable logging on its servers and to subsequently make those logs available to the MPAA, the plaintiff in an illegal file-sharing lawsuit against TorrentSpy. They have lost their appeals and as a result...

Researchers in the state of Ohio in the United States have discovered that by analyzing the logs produced (by law) from e-voting machines used in certain counties, they can determine the vote(s) each voter made . Further, the logs, by law, must be produced on demand, as part of our open elections process...

http://arstechnica.com/news.ars/post/20070811-iphone-bill-is-surprisingly-xbox-huge-lol.html Fortunately for customers they strip out all the interesting details that would make it useful to, well, anyone.

This one kind of speaks for itself. I guess this is more of a privacy issue than a logging issue. http://www.msnbc.msn.com/id/20216302/ [Edited 2010-08-06 by EricF- fixing broken link]

A draft law ( English translation ) being proposed in Germany to enforce the European Mandatory Data Retention Directive of 2006 would require telcos, ISPs, and email service providers to track and retain data necessary to trace and identify the source, destination, date, time, duration, type, and communication...

Working as I do for a company that exists because of copyright, I'm not particularly sympathetic to TorrentSpy, a search engine company that is accused by the Motion Picture Association of America (MPAA) of helping to enable copyright infringement by making it easier to find content on the BitTorrent...

Woohoo! Thank you all for helping push my humble prose into the limelight. Our little community is now in the top 10% of the most accessed blogs on MSDN. We'd probably be a lot higher if I got off my lazy behind and wrote more often. Anyway the monthly stats came out and this is the 294th most frequently...

Randy Franklin Smith has a site with a very good reference to security event log events. Randy also does training on Windows security log analysis.

The BBC reports that the European Parliament has approved rules, as an anti-terror measure, to require telephone companies to retain call and internet records for two years. I do not know if Windows-powered telephony switches exist, but even if they do they probably don't log the desired information...

http://support.microsoft.com/default.aspx?scid=kb;en-us;910741