Hello,
I'm wondering if anyone has ever posted a script such as this, and if so, wondering if you have a link to it.
Environment is a Server 2003 Ent DC backend and Windows 7 Ent workstations.
Looking for a script that would do the following:
1 - Can be be executed on a workstation through something like SCCM
2 - When it runs, collects the Security Audit Logs from each workstation and puts it on a network share location, appending the name of the workstation to the file name for easy identification
3 - Deletes the collected audit logs from the workstation once collected
I'm not broadly knowledgeable about scripting at all, and any help performing this operation would be greatly appreciated. I am trying to research this on the web but much of the information is not very clear to a non-script oriented person such as myself.
At one point we had a third party utility that did this and ran great on XP workstations, but the vendor has not updated it for the Windows 7 environment. Now we are stuck manually logging into workstations to collect audit logs which is very slow and painful.
Thanks in advance for any advice, tips or suggestions.
