LOGbinder for Exchange: Bridging the Gap Between Exchange and SIEMs

With today's compliance, discovery, and liability concerns, management is increasingly concerned about having a high integrity audit trail of access to mailboxes as well as privileged activity by Exchange administrators.

Microsoft has risen to the occasion with new native audit capabilities in Exchange Server 2010 but, like many audit logs today, the information is trapped within the application, and, specific to Exchange, audit logs are maintained in mailboxes.

Audit logs don't belong in the application they audit. Widely accepted best practices for information security mandate that audit logs be moved as frequently as possible to a separate, isolated log management system.

LOGbinder for Exchange, my third LOGbinder collector, efficiently processes native Exchange audit logs, resolves unreadable ID codes, and translate other cryptic codes, yielding an easy-to-understand Exchange audit log to the Windows event log where any log management/SIEM solution can take over with collection, alerting, reporting, and secure archival. LOGbinder for Exchange performs these functions on both the administrator audit log and the mailbox audit log.

LOGbinder for Exchange events in the Security Log Encyclopedia
Visit www.logbinder.com

Upcoming Webinars

Additional Resources

Exchange

•	Administrator Auditing
•	Mailbox Auditing
•	LOGbinder EX

User name:
Password:
	/ Forgot?
	Register

December 2024 Patch Tuesday	"Patch Tuesday - 2 Zero Days...See You in 2025! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.