I was doing some research and testing on Windows 2008 security and audit logging capabilities and wanted to share these resources for you Opsmgr administrators that may be have need for some of this information for use with Audit Collection Services.

Here are some great resources to get you familiar with Windows 2008 security events and granular audit policy configuration.

• Windows 2008 Audit and Compliance - This TechNet Magazine article is a great introduction to auditing capabilities of Windows 2008 and configuration of Granular Audit Policies (GAP).

• Security Audit Events for Win2008 and Vista - Here’s a great list of Windows 2008 Security Event IDs and descriptions. You’ll notice that Win2008 events are nearly identical to Windows Vista, and you’ll see these in the EventSchema.xml

• Windows 2008 Security Guide - Downloadable version of the authoritative guide on Windows 2008 security

• SVT Audit Reference List - If you have interested in matching Windows 2008 event IDs to their legacy counterparts, Secure Vantage folks took some info from MS and ultimatewindowssecurity.com to reference some of the legacy event IDs next to their Windows 2008 equivalents.

Update your MOM skills to Operations Manager 2007 at the Operations Manager 2007 Bootcamp! Register in December for training in 2008 at SystemCenterForum and receive a free copy of Operations Manager 2007 Unleashed!

Check the 2008 Bootcamp Schedule and request pricing and availability HERE.