Chat now with support
Chat mit Support

Change Auditor 7.4 - User Guide

Change Auditor Overview Agent Deployment Change Auditor Client Overview Overview Page Searches Search Results and Event Details Custom Searches and Search Properties Enable Alert Notifications Administration Tasks Agent Configurations Coordinator Configuration Purging and Archiving your Change Auditor Database Disable Private Alerts and Reports Generate and Schedule Reports SQL Reporting Services Configuration Change Auditor User Interface Authorization Client Authentication Certificate authentication for client coordinator communication Integrating with On Demand Audit Enable/Disable Event Auditing Account Exclusion Registry Auditing Service Auditing Agent Statistics and Logs Coordinator Statistics and Logs Change Auditor Commands Change Auditor Email Tags

Change Auditor Coordinator Status dialog

The Change Auditor Coordinator Status dialog helps you determine if the coordinator is running and what version is installed on the server. The other status information on the dialog is broken down into the following sections:

Coordinator Information - displays the status, version number, SCP port and installation name for the coordinator
Database Information - displays the coordinator database server, name and size
Agent Connections to this Coordinator - displays the total number of agents that are connected to the coordinator
Events and Alerts on this Coordinator - displays status information regarding events, alerts, and search activities for this particular coordinator

The Change Auditor Coordinator Status dialog contains the following information:

Coordinator Status

Displays the current status of the coordinator:

This value will normally be ‘Running’. If the credentials supplied for the database access during the coordinator installation are incorrect or have expired, this field will display ‘Not Running’ indicating that the coordinator did not successfully start. If this happens, use the Database Configuration Utility to change the permissions trying to access the database.

Installation Name

Displays the installation name assigned to the coordinator during installation.

Version

Displays the current version of the coordinator installed on the server.

SQL Server

Displays the name of the server where the coordinator resides.

Database Catalog

Displays the name assigned to the coordinator database during the coordinator installation.

Database Size

Displays the size of the coordinator database, in megabytes.

Database Free Space

Displays the available free space in the coordinator database.

Agents Connected (Total)

Displays the total number of agents connected to this coordinator.

Total Events

Displays the number of events this coordinator has received since it was last started.

Events in Receive Buffer

Displays the number of events that have not yet been processed by this coordinator and forwarded to the client.

Average Events Per Second

Displays the average number of events processed by this coordinator per second.

Client SCP Port

Displays the port number assigned to the coordinator Service Connection Point (SCP).

Public SDK Port

Displays the port number assigned for external applications to access the coordinator.

Agent Port

Displays the port number assigned to the agents to communicate with the coordinator.

Coordinator Configuration tool

You can use the Coordinator Configuration tool to modify the credentials used by the coordinator when accessing the database. Right-clicking the coordinator system tray icon and selecting Coordinator Configuration, displays the Coordinator Configuration tool. From here, you can:

This tool consists of the following tabbed pages:

From the Security page, you can change the database instance and service accounts used to access the database.

Use the fields/options to enter the credentials to be used to access the designated SQL Server/instance as described below:

Enter the name or IP address of the SQL instance to be used. (i.e., <Server Name>\<Instance Name>). You can also click Browse to locate and select the SQL server and instance.
Windows Authentication - this is selected by default and will use Windows authentication to access the database.
SQL Server Authentication - select this to use SQL Server authentication to access the database.
Azure Active Directory Authentication - select this to use Azure Active Directory authentication to access the database located on an Azure SQL Managed Instance.

By default, Change Auditor dynamically assigns communication ports for each installed coordinator. However, using the Ports page of the Coordinator Configuration dialog, you can specify static SCP listening ports to be used to communicate with the coordinator.

If you upgraded from a 5.x installation where static ports were defined, these static ports are retained as part of the upgrade process. However, the Agent Port setting, which is used by 6.0 agents, is set to use a dynamic port. Check with your system administrator to determine whether this new connection should also be using a static port.

Enter the ports to use to communicate with the coordinator:

By default, Change Auditor stores the Active Directory and GPO protection templates in SQL. However, you can use the Protection page of the Coordinator Configuration dialog to store the Active Directory and GPO protection templates in Active Directory instead of SQL.

When you select to store your Active Directory and Group Policy protection templates in Active Directory, you can use the Security feature on the Active Directory Protection page or Group Policy Protection page to provide an additional layer of security. The additional setting is intended when you require tighter security ACLs on your Active Directory and GPO objects and templates (for example, the Change Auditor SQL database may not be fully secured by ChangeAuditor Administrators). For more information about setting this additional security on protected objects, see the Change Auditor for Active Directory User Guide.

Specify the appropriate option for storing Active Directory/GPO protection and ADAM (AD LDS) protection:

View coordinator status and statistics

2
By default, this pane only includes installed coordinators in the pie chart. You can however, select the Show Uninstalled Coordinators check box to include uninstalled coordinators in the pie chart.
2
Click Show Uninstalled Coordinators to include coordinators set as ‘uninstalled’. Click Hide Uninstalled Coordinators to exclude these coordinators from the display.
3
Click OK to close this dialog.

Manage Change Auditor coordinators

NOTE: You can use Action | Agent Notifications to hide (or display) the desktop notifications that are displayed when these processes are performed.
2
On the confirmation dialog, click Yes to stop the coordinator service.
3
If you so choose, click Set Coordinator Uninstalled to flag the selected coordinator as ‘Uninstalled’.
4
Click Show Uninstalled Coordinators to include uninstalled coordinators in the Coordinator Statistics list. Click Hide Uninstalled Coordinators to exclude uninstalled coordinators from the display.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen