Set alerts for user accounts
Background / Value
The AD Logga allows you to monitor the process of resetting passwords. Within this process there is an inherent security risk. For example, if a helpdesk employee secretly resets the password of a manager or executive, they can sign on with a temporary password and gain access to sensitive information. In this scenario the designated users are informed.
Related features
Step-by-step process
- Find the desired user by entering their name into the search field.
- Right-click on the user and select "Create alert" from the context menu.
- Enter a title for the alert.
- Select an event type that triggers the alert.
- Choose Actions.
Here you specify which actions are executed when an alert is triggered. You must activate at least one action. - Activate the option if an email should be sent in case of an alert.
The content of the emails can be customized. This is analogous to the recertification emails.
- The alarm is written to the Windows event log using the categorization. This option is especially useful if you are using a SIEM system that monitors the Windows Event Log.
- Enable the execution of a script. To be able to activate this option, a script configuration for alerts must exist.
Activate this option to write the event to a Syslog server. Syslog servers need to be configured in the ARM configuration application under Server > Syslog.
Choose a category. This is used when writing to the Windows Event Log and for the email subject.
- You must specify a reason for the alert configuration in order to save it.
- Click on "Create".