100% Developed & Supported in the state of Washington, U.S.A.

February 6, 2007 Volume 2, Number 6
In This Issue: What's the Shortest Day of the Year? · Build a Filter to Differentiate User and System Logon Events · Syslog Receiver and Database Size
New Stuff at TNT Software

Win one of three free conference passes for TechMentor Orlando: register to win one of three conference passes (valued at $1499.00) to TechMentor Orlando, March 26-30, 2007. The drawing will be held Monday, February 11 at noon Pacific time. For more information about the conference, see the TechMentor Events web page.

Getting ready for ELM 5.0 -
...and more!

What's the Shortest Day of the Year?

Trick question. I know... I gave the traditional answer, thinking the question was, "What's the day with the shortest number of hours of daylight?" - December 22, 2007, winter solstice, duh. But in 2007, the shortest day of the year is March 11th, the first day of Daylight Saving Time, which is only 23 hours long.

A little background: On August 8, 2005, President George W. Bush signed the Energy Policy Act of 2005. This Act changed the dates on which Daylight Saving Time begins and ends in the U.S. Beginning in 2007, DST will begin on the second Sunday in March and end on the first Sunday in November.

So why is this of interest to us? Suddenly those in the IT world are faced with another potential crisis the likes of Y2K, made more complex by the fact that while the U.S. and Canada are changing Daylight Saving Time dates, Mexico isn't.

How does that affect TNT Software's ELM products? It doesn't. Built to run on the Windows platform, ELM solutions rely on the operating system time. To learn more about what Microsoft is doing to make Windows DST2007 compliant, see Microsoft's DST2007 page.

Build a Filter to Differentiate User and System Logon Events

Windows does not differentiate between User and System logon events, presenting a challenge to those of you who want to target more specific information about logon events. TNT Support suggests that you use Exclude Filters to specify which events you want excluded from a Notification Rule. In the ELM Console, click on an Include Filters or Exclude Filters container. F1 will open the Help file with detailed information about creating and configuring Event Filters, including the syntax and available operators.

Here's an example. You could modify your current filter and add the following string to the 'Username is:' field:

!*NT AUTHORITY\SYSTEM*

The NOT (!) operator should exclude any events that match that username when all other criteria of the event are matched.
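To show what that NOT operator does to a stream of events, here is an added example (my own code, not from the newsletter or from ELM) that applies the same 'Username is:' string to a few constructed logon events. Treating '*' as a glob wildcard and comparing usernames case-insensitively are assumptions about the syntax; the ELM Help file is the authority on the real operators.

```python
import fnmatch
from dataclasses import dataclass


@dataclass
class LogonEvent:
    """Minimal, constructed stand-in for a collected Windows logon event."""
    event_id: int
    username: str   # DOMAIN\account as recorded in the event
    logon_type: int


# Constructed sample events (not real log data). IDs follow the pre-Vista
# Security log convention: 528 = successful logon, 540 = network logon.
SAMPLE_EVENTS = [
    LogonEvent(528, r"ACME\jdoe", 2),
    LogonEvent(528, r"NT AUTHORITY\SYSTEM", 5),
    LogonEvent(540, r"NT AUTHORITY\SYSTEM", 3),
    LogonEvent(528, r"ACME\svc-backup", 4),
]

# The exact string the newsletter suggests for the 'Username is:' field.
EXCLUDE_SYSTEM = r"!*NT AUTHORITY\SYSTEM*"


def username_matches(pattern: str, username: str) -> bool:
    """Evaluate an ELM-style 'Username is:' pattern against one username.

    Assumed semantics (a model of the syntax, not ELM's own matcher):
    a leading '!' negates the result and '*' matches any run of characters;
    the comparison is case-insensitive because Windows account names are.
    """
    negate = pattern.startswith("!")
    body = pattern[1:] if negate else pattern
    hit = fnmatch.fnmatchcase(username.casefold(), body.casefold())
    return not hit if negate else hit


def events_triggering_rule(events, pattern=EXCLUDE_SYSTEM):
    """Return the events the filter lets through, i.e. the ones that would
    still satisfy the filter and trigger the notification rule."""
    return [e for e in events if username_matches(pattern, e.username)]


if __name__ == "__main__":
    for e in events_triggering_rule(SAMPLE_EVENTS):
        print(f"event {e.event_id} logon_type={e.logon_type} {e.username}")
```

Note the wildcard on both sides of the account name: any username containing NT AUTHORITY\SYSTEM is excluded, which is why the testing step the article recommends matters, since the filter only works if the events actually carry that username string.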
Therefore, the only events in this filter that would trigger the notification rule are the ones that come from all users except the NT Authority\System account. Part of the solution should include testing and observation: perform a logon and immediately examine the Active Directory logs to see if the logon is recorded. If it is, ELM can collect that event and you can use it to build an appropriate filter.

Syslog Receiver and Database Size

If you are receiving syslog events in ELM, you may see the ELM database growing rapidly. Since ELM doesn't use a Monitor Item to receive and collect Syslogs, it is not possible to filter that data in the same way events from Windows Event Logs are filtered. So when the Syslog Receiver is enabled in ELM, ELM receives all traffic arriving at port 514. While some devices will allow a degree of configuration for what is included in Syslog messages, most devices send everything.

In order to control database growth associated with Syslogs, TNT Support suggests that you place an aggressive pruning rule in your ELM Database Settings to prune syslog messages more frequently. To do this, go to the Database Settings wizard found in the ELM Server contextual menu under "All Tasks", enable the Archive Database if you haven't already, and add Alert and Event Pruning and Archiving Criteria that filter specifically for the syslog data, perhaps making retention of that data shorter than the ELM defaults.

NOT Strictly Business
February 6th in History