System Security Audit Trail Tools

Audit trail records the activities of system. Those records has sufficient information to reconstruct, asset, audit the circumstance and order of system activity. They are files recording when the users login in, where they login from, what the users has done and any other activity information for the administrator to analyze. Some log files give the administrator reference, but with more and more crack event taking place, it is tiring for him to extract serviceable information and find out suspicious activity among the records of log files. More and more tools are available for crackers to modify those log files to conceal themselves after their attacks. It is a challenge to the administrator to find out those crack from destructed log files. Being well master the format of log files and analyzed large mount of activities of cracks, the author developed a private analyzing tools. The advantages of the tools are as following: accomplish the configuration automatically, analyze those log files at the user抯 will, find out serviceable information from large mount of log records, search for the trails of crackers, analyze the destructed log files and produce report on abnormal activity.