Report on changes in Active Directory

Background / Value

The AD Logga allows you to monitor current processes in your Active Directory. ARM even captures all changes made with native tools including temporary changes. From a security perspective any actions related to event types and event authors are important.

 

Monitoring of event types

Changes to:

  • Attributes
  • Users
  • Computers
  • Groups
  • Passwords
  • Accounts
  • Members

 

Monitoring of event authors

  • Users
  • Groups
  • Computers

 

Additionally you are able to filter according to object class and attribute.

 

Related features

Analyze AD Logga events with the logbook

Set alerts for groups

Set alerts for user accounts

 

Step-by-step process

  1. Select "Start".
  2. Click on "AD Logga Report".

 

  1. Enter a title for the report and add a comment.
  2. Define the date range of the report.
  3. Select domain objects whose events should be captured in the report.

 

Define the range of the report by setting filters. By definition filters exclude the selected data.

  1. Add the type of events that you would like to include in the report.
  2. Add the authors of events that you would like to include in the report.
  3. Add all object classes that you would like to include in the report.
  4. Add all attributes that you would like to include in the report.

 

By saving AD Logga report configurations as templates you can save valuable time by reusing complex report configurations.

  1. Select an existing template.
  2. Save the current configuration as a template.

 

  1. Define the desired output settings.
  2. Option activated and output format set to CSV: The report contains only event data and no report or filter configuration. This can be very helpful for automated post-processing.
  3. Start the report.