We would like to know if there is any way to directly export ODA data audit to our cloud SIEM?
After a Trial or Paid Subscription ends, how long is the data retained? After a Trial Subscription ends, the data is deleted after 30 days and once deleted it cannot be recovered. After a Paid Subscription ends, the data is deleted after 60 days and once deleted it cannot be recovered.
Alerts allow those responsible for the security of your environment to receive detailed information about vital changes and activities as they occur. ... The associated notification templates allow you to configure who will receive the alerts so that they can take the appropriate action to address the outlined risks to your environment.
Within On Demand Migration (ODM) it is now displaying No Organizations Created even though there was an organization created and consents granted. ... In this case a HAR file can be generated to find an error such as the following.
Authenticating through Microsoft Entra ID provides native granular control and allows you to manage your configuration from a central location. ... It allows configuring advanced security layers through your own conditional access policies, such as MFA, integration with OKTA and other applications that work with the Microsoft Authentication Library (MSAL). A Microsoft Entra ID access token (constrained to the Quest On Demand application) is obtained when the user navigates through the authentication process.
When troubleshooting an issue in Nova, we may need to get a HAR file. ... In this article we’ll explain how to generate a HAR file. ... A HAR file is an HTTP archive. ... It is a file format used by HTTP session tools to export data that has been captured by the browser.
In some scenarios where a firewall needs to be configured for whitelisting, what URLs and ports are used to access the On Demand Portal? ... To create a configuration with On Demand Audit in US region, Change Auditor clients and coordinators must be able to access:
Microsoft announced at Build Conference 2020 that they will be deprecating the Azure Active Directory Authentication Library (ADAL); the deprecation was initially planned for June 2022 and has now been extended to the end of the year.
When purchasing a new license (for example going from a trial to a paid subscription), what actions are required to install the new license? ... Our On Demand products do not use a traditional license key file.
Custom searches allow you to locate and report on the data that is of interest to you. ... The associated search preview updates as you construct a search to ensure you are getting the desired results.
When configuring Change Auditor to integrate with On Demand Audit, what are the URLs (endpoints) that the Coordinator needs to be able to access? To create a configuration with On Demand Audit in US region, Change Auditor clients and coordinators must be able to access:
What are the considerations and connectivity requirements when installing the On Demand Hybrid agent behind a proxy server? ... The Hybrid agent connection will use the proxy server settings applied to the service account or the computer where it is installed. To ensure the Hybrid agent will connect to On Demand behind a proxy server, it will be required to configure the Internet Explorer Proxy for at least the user identity running the setup and the service account used to run the Agent service.
When logging into the On-Demand portal (regardless of the web browser used), after navigating for a while the session times out earlier than the expected time. ... In addition, the following error line is present in the HAR file inspected: "net::ERR_CONNECTION_RESET" Network or ISP issues related to the environment or the workstation where the portal is being accessed.
Change Auditor shows that the integration is successful but isn't sending events. ... On Demand Audit shows the integration is running but waiting for events to sync. ... Events are not sent to On Demand with a status of "even data sync pending"
It appears that the email notifications quit sending emails.
From the Audit consent and the contained permissions in On Demand we can easily see we're not using that old permission anymore. ... We have moved to the equivalent Graph API permission for some time now.
Is it possible to create a search and alert whenever a Conditional Access Policy is changed or modified? ... For conditional access changes, you will have to create a custom search with the Activity value "Update to conditional access policy" in the filter.
Can I receive an alert or be notified whenever the integration between Change Auditor (CA) and On Demand Audit (ODA) stops working and events are no longer forwarded? ... Although you cannot get a notification related to the integration itself from CA, you can get notified in ODA if the events activity coming from CA stops or resumes.
In some scenarios, the coordinator server is behind a proxy server and the customer would like to know how to do the integration with On Demand Audit (ODA). ... 1. Configure the Internet Explorer Proxy Settings for the signed-in user. 2. Export the following registry key:
The account that is receiving ownership of the subscription, does it need a mailbox as it needs to be able to receive email? ... Yes, this is required not only because the subscription owner will get On Demand updates and notices emailed by Quest, but also because, to enable this subscription usage in the On Demand Organization, the subscription owner will need to request subscription sharing and will have to locate the email with the request in their mailbox and click the approve button.
On Demand Audit - Anomaly detected activity. The Anomaly detected activity alert is just a post to make one aware that there is an anomaly. ... Meaning the Anomaly detected activity alert is just to give information that something happened, but it doesn't give detailed information, and that's all it's supposed to do, because it's a big-picture view of an anomaly detected activity.
Provide a list of searches available for Teams events in ODA. Teams built in searches ... On Demand Audit provides the following Teams searches: ... Teams app events in the past 7 days
What filter operators are available in Searches and how to use them? Available filters ... The available string operators include: ... equals, does not equal, contains, does not contain, in, not in, starts with, does not start with, ends with, does not end
permission. ... Once the configuration has been added, you can select the three vertical dots in the upper-right corner to refresh the configuration immediately, to edit the alert plan, or to read more about the benefits of integrating with SpecterOps BloodHound Enterprise.
We would like to filter the alerts for user lockout accounts by OU. There are no OU objects in Azure Entra; you need to use specific Azure Entra attributes to filter further.