Last week, I had an interesting discussion with my Sys Admin that left me boiling a bit. I ended up needing to find an article I thought I’d bookmarked a long time ago to prove a point to him, and ended up having to search to find it. This is another “gem” you’ll want to keep handy — if you’re a Sys Admin, this is a must to read and understand, and if you’re not a Sys Admin, it really helps cut through BS at those times when you feel that things just shouldn’t be working the way they are.Our Sys Admin is the nicest guy in the world, but to say that he’s disciplined would be to do a great disservice to the term. In fact, he’s a “squeaky wheel” guy, addressing issues just as they’re starting to get really annoying, so my conversation with him shouldn’t have surprised me. Nevertheless, I was surprised to learn that we had not, to date, been monitoring the event logs on our Windows servers. At all.
After I turned three shades of purple, I tried to express my amazement that you can’t get software to monitor event logs free in a box of breakfast cereal. What I really wanted to have handy, though, was an article I’d read years before explaining very simply what a good Sys Admin should do daily, weekly, monthly, and so on. I just knew that monitoring event logs was in there.
I ended up spending a few minutes trying to dig this up, but I finally found it again: NT system administrator’s checklists