Monitoring OS and third party software events by using Guardium CAS functionality
JonasHirner 2700000YE4 Visits (1292)
I just read an interesting article on how to monitor Windows events with the Guardium CAS functionality:
guide, the author suggests to create a Perl script, which listens for new
Windows events and writes those changes into a text file.
That rather simple technique offers the ability to integrate a wide range of third party application output into Guardium without native support. When implementing a solution like this, it is important to keep an eye on security aspects to ensure information integrity. Per example, access to the output text file should be restricted and the log-script should respawn automatically.