Programs to monitor the Log files for multiple computers running Windows 2000/XP/NT/2003.
GFI LANguard S.E.L.M:
GFI LANguard S.E.L.M. can analyze application, system and other event logs. You can back up and clear event logs on all remote machines in your network automatically; and view, report and filter events network-wide, instead of just per machine. GFI LANguard S.E.L.M. collects all events in one central database, making it easy to create network-wide reports and custom filters. Using the custom rules, you can create your own event alerts based on event ID, condition and event contents.
syslogng:
syslogng provides a centralised, securely stored log of all devices on your network, whatever platform they run on. And syslog-ng also incorporates a host of powerful features, including filtering based on message content, as well as customisable data mining and analysis capabilities.
Syslog Daemon for Windows:
Kiwi Syslog Daemon is a freeware Syslog Daemon for Windows. It receives, filters, logs, displays and forwards Syslog messages and SNMP traps from hosts such as routers, switches, Unix hosts and any other syslog enabled device.
LogAnalysis.org:
A site dedicated to pulling together a repository of useful information on log analysis for computer security
Implementing Central Logging Server
This document attempts to provide a practical guide for implementing a centralized syslog server at an Enterprise level. The document includes details on porting cross platform logs to a central syslog server, porting messages to a database and real time viewing and querying of the logs
Update (12th May 2005):
MS Log Parser:
Log parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows® operating system such as the Event Log, the Registry, the file system, and Active Directory®.
SecurityFocus has a good article explaining how to use the logparser.