Chat now with support
Chat with Support

Change Auditor - For Advanced Users 7.2 - Technical Insight Guide

Change Auditor Services Change Auditor licensing processes Component Start-up Considerations Change Auditor network communications Coordinator internal tasks Registry Settings Change Auditor built-in fault tolerance Change Auditor protection Database Considerations Account exclusions best practices

Agent to coordinator connection (version 7.0.2)

Change Auditor 7.0.2 agents connect in the same way as 6.x agents, however encryption and decryption for database storage and communications are upgraded to meet the requirements of FIPS 140-2 and its annexes.

Coordinator to SQL Server connection

 

Coordinator internal tasks

The following table lists the internal scheduled tasks that the coordinator performs, including when the task initially starts and how often the task is repeated. This section also provides a description of each of these tasks, and if configurable the page of the client used to configure it.

Forest topology collection

30 seconds after startup

Every 3 hours

No

Group expansion

3 hours after startup

Every 6 hours

Yes

Alert processing – Send SMTP

30 seconds after startup

Every 60 seconds

No

Alert processing – Send SNMP

45 seconds after startup

Every 30 seconds

No

Alert processing – Send WMI

30 seconds after startup

Every 30 seconds

No

License check

30 seconds after startup

Every 5 minutes

No

Remote deployment

1 minute after startup

Every 5 minutes

No

Agent heartbeat check

10 minutes after startup

Every 5 minute

No

Refresh coordinator statistics

At startup

Every 15 seconds

No

Event aggregator

10 seconds after startup

Every 10 seconds

No

SQL upgrade monitor

15 seconds after startup

Every 15 seconds

No

Open handle

300 seconds after startup

Every 300 seconds

No

Scheduled purge job

60 seconds after startup

Every 5 minutes

No

Scheduled archive job

60 seconds after startup

Every 5 minutes

No

Scheduled report job

60 seconds after startup

Every 5 minutes

No

Forest topology collection

Change Auditor maintains a view of Active Directory in the database. Each event that Change Auditor captures is linked with a forest, domain, or server (or workgroup server) found in the topology collection. When the coordinator service starts, the topology collection begins. The following Active Directory objects are collected and stored:

Domain Objects (crossref objects) found in CN=Partitions,CN=Configuration,<Forest Root Distinguished Name>
Site Objects (site objects) found in CN=Sites,CN=Configuration,<Forest Root Distinguished Name>
Exchange Servers (msExchExchangeServer objects) found in CN=Microsoft Exchange,CN=Services,CN=Configuration, <Forest Root Distinguished Name>
Server Objects (computer objects) – For each domain found, Change Auditor searches the domain for the following types of server objects:
Exchange servers found in the following groups:
All computer objects found using the following filter:
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating