Set alerts for groups
Employees receive their access rights through group memberships. Sensitive groups grant access to their secret folders and other important resources. The AD Logga allows you to actively monitor specific Active Directory groups so an alert is received if new members are added.
Due to the nested group structures in Active Directory, monitor both direct group memberships and indirect memberships.
Create the report
-
Log in to the Access Rights Manager application.
-
Click Accounts in the toolbar.
-
In the Search field, enter a search term to locate the desired group.
-
In the center pane, right-click the targeted group and select Create alert.
-
In the Create alert page under Alert Name, enter a name for the alert.
-
Select whether direct only or direct and indirect group membership changes trigger an alert.
SolarWinds recommends direct and indirect.
-
Click Actions.
-
Select at least one action that will execute when an alert is triggered.
-
If an email should be sent when an alert is triggered, select the Send email checkbox and complete the fields.
You can customize the email message. This is analogous to the recertification emails.
-
To write the alert to the Windows Event Log using this categorization, select the Write to Windows event log checkbox.
This option is useful if you are using a security information and event management (SIEM) tool that monitors the Windows Event Log. -
To execute a script, select the Execute script checkbox.
To activate this option, configure a script for alerts. See Configure scripts for instructions. -
To write the event to a syslog server, select the Write to SysLog checkbox.
The syslog server must be configured in the ARM Configuration application. See Set the syslog servers for instructions.
-
-
Under Category, click the drop-down menu and select a category used when writing to the Windows Event Log and selecting the email subject.
-
(Required) Enter a reason for the alert configuration.
-
Click Create.
See the following sections for more information.