From a Search Results page, use the Search Properties tool bar button to display the Search Properties tabs across the bottom of the screen. This view consists of tabbed pages defining the criteria or properties which make up the selected search.
For a detailed description of the Info, Who, What, Where, Origin and Layout tabs and how to use them to create a custom search, refer to Custom Searches and Search Properties. For more information about the Alert tab, see Enable Alert Notifications and the Report tab, see Generate and Schedule Reports.
Use the Event Details button on a Search Results page, Overview page, or Alert History page to display the Event Details pane. You can also double-click an event in the search results grid to display the Event Details pane for the selected event.
The following details about the selected event selected are available:
The severity level assigned to the search is displayed in the upper left-hand corner. | |||||
This field specifies the date and time when the change occurred. | |||||
This field displays the name of the server where the change occurred. | |||||
This field displays the source of the event:
NOTE: If the Source field displays ‘ActiveRoles’ (instead of ‘ActiveRoles Server’) you are not using the latest integration scripts. If you want to take advantage of the additional events and initiator account information captured using the new integration scripts, ensure you are running Active Roles 6.9 (or higher) with Change Auditor for Active Directory 6.5 (or higher). | |||||
Depending on the type of event, additional details may be displayed at the bottom of this pane. | |||||
Indicates whether the operation mentioned in the event was successfully completed. Valid states are: | |||||
This field defines the action associated with the selected event. | |||||
This field defines the event class facility to which the change event belongs. | |||||
If an attribute has been added, deleted or modified, this field displays the name of the attribute. | |||||
For AD Query events, this field displays the type of query:
| |||||
For AD Query events, this field displays the scope of coverage: | |||||
For AD Query events, this field displays the number of results returned as a result of the query. | |||||
For AD Query events, this field displays the date and time when the AD query was first initiated. | |||||
For AD Query events, this text box displays the filter string used in the AD query. | |||||
For AD Query events, this text box displays the attributes that were queried. | |||||
For Service events, this field displays the name of the services that were modified. | |||||
For Registry events, this field displays the name of the registry key that was modified. | |||||
For Registry events, this field displays the registry value that was modified. | |||||
For Group Policy events, this field displays the name of the group policy that was modified. | |||||
For Group Policy events, this field displays what section of the group policy was modified. | |||||
For Group Policy events, this field displays the group policy item that was modified. | |||||
For Local Account events, this field displays the local account that was modified. | |||||
This text box lists the old value that was assigned to the object. | |||||
This text box lists the new value that is now assigned to the object. | |||||
For SharePoint events, this field displays the URL of the SharePoint item that was modified. | |||||
For VMware events, this field displays the name of the host where the change occurred. | |||||
For VMware events, this field displays the name of the virtual machine where the change occurred. | |||||
For VMware events, this field displays the name of the datacenter where the change occurred. | |||||
For Logon Session events, if applicable this attribute displays the date and time when the current user session ended. |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center