I’ve just created a Google Code project with some code I wrote some time ago. Sobek-Hids is a Python-based host IDS capable of monitoring:
Registry Changes
File Activity
Process Creation
Printing Jobs
External Drives (USB Disk Plugs)
Shared Resources
Windows Accounts
Logon
Firewall Changes
I hope I will have the time to continue and improve this couple of scripts.
You can find it at sobek-hids