I am setting up a new install and gradually getting things configured in hope of this being useful.
Right now I am getting a steady stream of alerts stating that there is a Vista alert detected with NTSecurity Tool.
These are coming from a 2008 domain controller or rather Solar Winds alerts on the monitor tab but relating to that machine. Error codes 4634 (account logoff) 4624 (successful account logon) 4672 (special priviledges assigned to new logon) 4933 (syncronization of a replica of Active Directory) and on and on.
The point being that all of these are events that are normal on a domain controller but not what I would characterize as a Vista alert.
I have only two agents installed at this point, one on a 2008 r2 workstation, and one on the 2008 domain controller discussed here. I have added them to clones of the default tool profiles for work stations and Windows DC's respectively.
I have searched support only to find nothing remotely helpful. I am working my way through the documentation, following the less than stellar information there (should I have cloned the default tool profiles? I could find no way to edit them directly in order to add machine agents directly, even if only temporarily.)
Anyone out there with the free time to nudge me in the right direction? This is worse than useless as it is now.
Lets see if I can actually reply this time.
I am simply too literal minded. I think the Windows DC Tool starts out connected to the NT XP 2000 security log, though I may have selected that while simply not seeing the Windows 7 Vista 2008 security log tool. Either way, the notice about the logs being a Vista alert actually meant that it was a Windows 7 Vista 2008 alert. Having sorted that out, I appear to have resolved my issue.