This may be a basic question for some, but nevertheless I am launching it. What tools are available out there for sysadmins to monitor and log the state of a Windows server on a continuous basis? By this I mean:
- monitor/log registry key changes (who,when,what was changed vs initial state)
- monitor/log SSL certificate changes
- disk changes (this may be too big/generic to be useful to analyse i guess)
- other OS level changes I might not think to mention here
This might be a too generic topic to be covered in one tool but I would like to know what others are using. For example, I know Windows has Event Viewer, but sometimes this is either tricky to query or would not find too old historical changes. Thanks for the input!
