By default, ControlPoint Audit Log analysis results include name of the Site on which audited activity occurred. The process required for ControlPoint to collect this information is time-consuming and may affect performance, especially if the scope of the analysis is large.
ControlPoint Application Administrators can, however, prevent this process from being carried out by changing the ControlPoint Configuration Setting PROCESSAUDITNAMES from True to False.
Note that, if PROCESSAUDITNAMES is set to false, you can use the url to identify the site where audited activity occurred.
The following ControlPoint Sentinel Anomalous Activity Detection settings display under the category Audit Log.
·Enabling Anomalous Activity Detection via the ControlPoint Scheduled Job Review
·Changing the Subject and/or Body of Anomalous Activity Detection Emails
As part of preparing your environment for using ControlPoint Sentinel, Anomalous Activity Detection must be enabled to run:
·via the ControlPoint Anomalous Activity Detection job in Central Administration
OR
·as part of the ControlPoint Scheduled Job Review, by changing the ControlPoint Setting Enable Options That Require Anomalous Activity Detection from False to True.
NOTE: This is an Advanced Setting in the Audit Log category.
See also "Preparing Your Environment for Using ControlPoint Sentinel" in the ControlPoint User Guide.
When a ControlPoint Sentinel Anomalous Activity Rule specifies that an email alert be sent when an Anomalous Activity Limit has been exceeded, ControlPoint automatically sends an email for the to the appropriate user(s).
ControlPoint Application Administrators can, however, modify the default subject and/or body text, as described in the following table.
If you want to change the text of the ... |
Then change the Parameter of the ControlPoint Setting .... |
From the default text... |
---|---|---|
email Subject |
Subject Line for ControlPoint Anomalous activity Detection email |
ControlPoint Anomalous activity Detection. |
email body |
ControlPoint Anomalous activity Detection Email Message (AADActvityLevelEmailBody)
|
@@UserName@@ has exceeded the personal daily activity limit of @@limit@@ by @@overage@@.
Where the following variables are used: ·@@UserName@@ is the account name of the user who has exceeded his/her daily activity limit ·@@limit@@ is the daily activity limit characterized by ControlPoint Sentinel ·@@overage@@ is the amount by which the user has exceeded the activity limit for that day. |
No
© ALL RIGHTS RESERVED. Termini di utilizzo Privacy Cookie Preference Center