Chat now with support

Get Live Help
Complete Registration

Sign In

Request Pricing

Contact Sales

Change Auditor 7.1 - User Guide

Table of Contents

Change Auditor Overview

Available Change Auditor auditing modules

Agent Deployment

Deployment page Deploy agents Change the agent installation location and system tray option Enable auto deployment Refresh or clear Deployment page information

Change Auditor Client Overview

Starting the Change Auditor client Accessing Change Auditor news and updates Managing connection profiles

Connection wizard

Client components Customize table content

Sort data Resize or move columns Add or remove columns Group data

Using custom filters

Directory object picker

Overview My Favorite Search Define a favorite search Overview panes

Top Agent Activity Recent Event Activity Count of Events By Agent Status Coordinator Status

Event Details pane

Introduction Searches page

Explorer view Searches list Search Properties tabs

View a list of available searches Run searches Run a quick search

Search Results and Event Details

Introduction Search Results page

Search Results grid Search Properties tabs Event Details pane

View search results

Display results in different formats

Preview search results Compare results side-by-side View event details or search properties Copy event details Email event details Display event's knowledge base entry Add comments View user context and run related searches Protect critical objects, mailboxes, files and folders Add search properties to existing event queries

Custom Searches and Search Properties

Introduction Create a custom search Search Properties tabs

Info tab Who tab What tab Where tab When tab Origin tab Alert tab Report tab Layout tab SQL tab XML tab

Enable Alert Notifications

Introduction Alert tab (Search Properties tabs) Enable alerts Disable alerts Alert History page View alert history View event details or alert properties

Administration Tasks

Administration Tasks tab Administration Task lists Export/import Administration Task settings

Agent Configurations

Introduction Agent Configuration page Define agent configurations Assign agent configurations to server agents Enable event logging

Coordinator Configuration

Coordinator Configuration page SMTP Configuration Configure email alert notifications/reports Customize alert email content Shared Folder Configuration Group Membership Expansion Add groups to Group Membership Expansion list Agent Heartbeat Check Disconnect client after 30 minutes of inactivity Scheduled Task Handling

Purging and Archiving your Change Auditor Database

Introduction Planning your jobs Purge and Archive page Create and maintain jobs Purge and Archive wizard Purge selected records

Disable Private Alerts and Reports

Introduction Private Alerts and Reports page Disable private alerts and reports

Generate and Schedule Reports

Schedule reports for distribution

Create global report template Define report content and layout Enable and schedule reporting

Launch Report Designer Publish reports Print or save a page's contents

SQL Reporting Services Configuration

Introduction SQL Reporting Services Page SQL Reporting Services Templates SQL Reporting Services Wizard

Change Auditor User Interface Authorization

Introduction Application User Interface Authorization page Add task definition Add role definition Add application group Remove a task definition

Client Authentication

Introduction Client Authentication Page Changing the client authentication method

Integrating with On Demand Audit

Managing a Quest On Demand Audit integration

Creating an On Demand Audit configuration Working with an On Demand Audit configuration

Enable/Disable Event Auditing

Introduction Audit Events page Enable/disable event auditing Modify event's severity level or event class description Define events to be captured based on results View event information

Account Exclusion

Introduction Excluded Accounts Auditing page Excluded Accounts templates Excluded Accounts wizard

Registry Auditing

Introduction Registry Auditing page Registry Auditing templates Registry Auditing wizard

Service Auditing

Introduction Services Auditing page Service Auditing templates Service Auditing wizard

Agent Statistics and Logs

Introduction Agent Statistics page

Agent Statistics grid Resource Properties pane

Machine Info page Processors page Drives page Shares page Services page Exchange Mailboxes page

Agent system tray icon

Change Auditor Agent Status dialog

View agent status/statistics Manage Change Auditor agents Agent Log page View and save agent trace logs

Coordinator Statistics and Logs

Introduction Coordinator Statistics page Coordinator system tray icon

Change Auditor Coordinator Status dialog Coordinator Configuration tool

View coordinator status and statistics Manage Change Auditor coordinators Coordinator Log page View and save coordinator trace logs

Change Auditor Commands

Menu commands Tool bar buttons Right-click commands

Change Auditor Email Tags

Define events to be captured based on results

The Results column on the Audit Events page allows you to specify if an individual event is to be captured by Change Auditor based on the results of the operation performed in the event. That is, you can specify to capture an individual event based on the following results:

•

All Results - capture event regardless of the result returned.

•

Success Only - capture event only if the operation occurred as stated in the event.

•

Success and Failed Only - capture event if the operation occurred as stated in the event or if it was prevented due to a factor/setting outside of Change Auditor’s control.

•

Success and Protected Only - capture event if the operation occurred as stated in the event or if it was prevented because the object was protected using Change Auditor’s protection feature.

To change the results criteria for capturing an event:

1

Open the Audit Events page.

2

Locate the event to modify.

3

Place your cursor in the Results cell for that event, click the arrow control and select one of the following options:

•

All Results (default)

•

•

Success and Failed Only

•

Success and Protected Only

4

Change Auditor will now only capture and return the event if the operation mentioned if the event meets the results criteria selected.

View event information

Change Auditor provides access to the associated Event Reference Guide which contains detailed descriptions for each event, including how Change Auditor detected the configuration change event, what the changed parameter controls, and the consequence of such a change.

To view the event reference guide:

1

Open the Audit Events page.

2

Select an event from the list and click Knowledge Base.

Account Exclusion

•

•

Excluded Accounts Auditing page

•

Excluded Accounts templates

•

Excluded Accounts wizard

Introduction

Account exclusion allows you to define a list of trusted accounts to exclude from auditing. This enables you to exclude events generated by accounts that make a large number of changes or by accounts which are trusted.

To use account exclusion, you must first define the user/computer accounts that can make changes without triggering an event in Change Auditor:

1

Create an Excluded Accounts template which specifies the user and/or computer accounts that are to be excluded from the auditing process. For more information on creating a template, refer to Excluded Accounts templates.

2

Add this template to an agent configuration. For more information on how to add a template to an agent configuration, refer to Define agent configurations.

3

Assign the agent configuration to Change Auditor agents. For more information on how to assign an agent configuration to an agent, refer to Assign agent configurations to server agents.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center