Chat now with support

Get Live Help
Complete Registration

Sign In

Request Pricing

Contact Sales

Change Auditor 7.1 - User Guide

Table of Contents

Change Auditor Overview

Available Change Auditor auditing modules

Agent Deployment

Deployment page Deploy agents Change the agent installation location and system tray option Enable auto deployment Refresh or clear Deployment page information

Change Auditor Client Overview

Starting the Change Auditor client Accessing Change Auditor news and updates Managing connection profiles

Connection wizard

Client components Customize table content

Sort data Resize or move columns Add or remove columns Group data

Using custom filters

Directory object picker

Overview My Favorite Search Define a favorite search Overview panes

Top Agent Activity Recent Event Activity Count of Events By Agent Status Coordinator Status

Event Details pane

Introduction Searches page

Explorer view Searches list Search Properties tabs

View a list of available searches Run searches Run a quick search

Search Results and Event Details

Introduction Search Results page

Search Results grid Search Properties tabs Event Details pane

View search results

Display results in different formats

Preview search results Compare results side-by-side View event details or search properties Copy event details Email event details Display event's knowledge base entry Add comments View user context and run related searches Protect critical objects, mailboxes, files and folders Add search properties to existing event queries

Custom Searches and Search Properties

Introduction Create a custom search Search Properties tabs

Info tab Who tab What tab Where tab When tab Origin tab Alert tab Report tab Layout tab SQL tab XML tab

Enable Alert Notifications

Introduction Alert tab (Search Properties tabs) Enable alerts Disable alerts Alert History page View alert history View event details or alert properties

Administration Tasks

Administration Tasks tab Administration Task lists Export/import Administration Task settings

Agent Configurations

Introduction Agent Configuration page Define agent configurations Assign agent configurations to server agents Enable event logging

Coordinator Configuration

Coordinator Configuration page SMTP Configuration Configure email alert notifications/reports Customize alert email content Shared Folder Configuration Group Membership Expansion Add groups to Group Membership Expansion list Agent Heartbeat Check Disconnect client after 30 minutes of inactivity Scheduled Task Handling

Purging and Archiving your Change Auditor Database

Introduction Planning your jobs Purge and Archive page Create and maintain jobs Purge and Archive wizard Purge selected records

Disable Private Alerts and Reports

Introduction Private Alerts and Reports page Disable private alerts and reports

Generate and Schedule Reports

Schedule reports for distribution

Create global report template Define report content and layout Enable and schedule reporting

Launch Report Designer Publish reports Print or save a page's contents

SQL Reporting Services Configuration

Introduction SQL Reporting Services Page SQL Reporting Services Templates SQL Reporting Services Wizard

Change Auditor User Interface Authorization

Introduction Application User Interface Authorization page Add task definition Add role definition Add application group Remove a task definition

Client Authentication

Introduction Client Authentication Page Changing the client authentication method

Integrating with On Demand Audit

Managing a Quest On Demand Audit integration

Creating an On Demand Audit configuration Working with an On Demand Audit configuration

Enable/Disable Event Auditing

Introduction Audit Events page Enable/disable event auditing Modify event's severity level or event class description Define events to be captured based on results View event information

Account Exclusion

Introduction Excluded Accounts Auditing page Excluded Accounts templates Excluded Accounts wizard

Registry Auditing

Introduction Registry Auditing page Registry Auditing templates Registry Auditing wizard

Service Auditing

Introduction Services Auditing page Service Auditing templates Service Auditing wizard

Agent Statistics and Logs

Introduction Agent Statistics page

Agent Statistics grid Resource Properties pane

Machine Info page Processors page Drives page Shares page Services page Exchange Mailboxes page

Agent system tray icon

Change Auditor Agent Status dialog

View agent status/statistics Manage Change Auditor agents Agent Log page View and save agent trace logs

Coordinator Statistics and Logs

Introduction Coordinator Statistics page Coordinator system tray icon

Change Auditor Coordinator Status dialog Coordinator Configuration tool

View coordinator status and statistics Manage Change Auditor coordinators Coordinator Log page View and save coordinator trace logs

Change Auditor Commands

Menu commands Tool bar buttons Right-click commands

Change Auditor Email Tags

Change Auditor Commands

This appendix lists the commands available throughout the Change Auditor client. The tables in this appendix list the following commands that are available throughout the entire client:

•

•

Tool bar buttons

•

Right-click commands

Menu commands

The Change Auditor commands are grouped under a menu on the menu bar. Some of these commands perform an action immediately; others display an additional dialog or open a wizard where you select options or specify additional information.

The following table provides a description of the commands available under each of the Change Auditor menus.

Table 1. Menu commands

Use to display the Connection screen to select the connection profile to be used to connect to a Change Auditor coordinator.

This command is only available when the client is disconnected from a coordinator.

Use to disconnect from the current coordinator.

Use to view one of the log files. Selecting this command will display the Open Log dialog allowing you to select the log file to be viewed. Once selected, a new tabbed page will be created in the client displaying the entries logged in the selected log.

Open Client Log

Use to view the current client log. A new tabbed page will be created in the client displaying the entries logged to the current client log.

Use to send the contents of the displayed page to the designated printer. When you select this command, the native Print dialog will be displayed allowing you to specify various print options.

Use to save the contents of the displayed page to either an Excel (.xls) or comma delimited (.csv) file. When you select this command, the native Save As dialog will be displayed allowing you to specify the location, file name and type of file to be created.

Use to save the contents of the displayed page to a PDF file. When you select this command, the native Save As dialog will be displayed allowing you to specify the location and file name.

Use to preview the contents of the displayed page prior to printing it.

Use to define the page settings for printing. Selecting this command will display the native Page Setup dialog allowing you to define the paper, page orientation and margins.

Use to close the client.

Use to move the selected item (folder or search definition) to a different location in the explorer view (left pane) on the Searches page. Once cut, this item can then be pasted (or moved) to another location.

Use to copy the selected item (folder or search definition) to another location in the explorer view (left pane) on the Searches page. Once copied, a copy of this item can be pasted to another location.

Use to paste the contents of the clipboard (folder or search definition) to the selected location.

Use to remove the selected user-defined item (folder or search definition).

Use to move the selected item (folder or search definition) to another location in the explorer view (left pane) on the Searches page. Selecting this command will display the Select the Destination Folder dialog allowing you to select the new location.

Use to retrieve and redisplay current data.

Autofit Columns to Contents

Use to resize the columns based on the content, which will eliminate the scroll bars.

Use to close multiple client windows and return to a single client window.

Use to display the XML tab, which displays the XML representation of a selected search criteria, at the end of the Search Properties tabs.

NOTE: This command is only available from the Searches page and a Search Results page.

Use to display the SQL tab, which displays the SQL query built to run a selected search, at the end of the Search Properties tabs.

NOTE: This command is only available from the Searches page and a Search Results page.

Use to enable or disable the auto connect feature. When enabled, the Connection Profile dialog will not be displayed when the client is launched. Instead, the previously specified connection profile will automatically be used to connect to the coordinator.

Disconnect client after 30 minutes of inactivity

Use this to disconnect from the client after 30 minutes of inactivity. If this option is not checked, the connection to the coordinator remains open.

Agent Notifications

Use to hide (or display) the desktop notification that is displayed in the lower right-hand corner of the screen whenever an agent is connected or disconnected from the coordinator, or when the coordinator is stopped or started.

NOTE: Agent Notifications is enabled by default.

Agent Auto Refresh

Use to enable or disable the refreshing of the currently displayed grid (on the Deployment, Overview or Agent Statistics page) when an agent either connects or disconnects.

NOTE: Agent Auto Refresh is enabled by default.

Hide Unlicensed Components

Use to hide unlicensed components from the Administration Tasks tab and unlicensed events throughout the client.

NOTE: This command is only available from the Administration Tasks tab.

NOTE: This feature only applies to users who have never had a specific product license (e.g., Change Auditor for Exchange). Users who had a trial license that has expired, will not be able to hide components. This is so that you can continue to search for events that may have occurred during your trial period.

Use to export the Administration settings, such as configurations and settings, and auditing and protection templates, into an XML file. Selecting this command displays an Export dialog allowing you to select the settings/templates to be exported.

NOTE: This command is only available from the Administration Tasks tab.

Use to import previously exported Administration settings. Selecting this command displays an Import dialog allowing you to select the settings/templates to be imported.

NOTE: This command is only available from the Administration Tasks tab.

Use to display the Deployment page, from which you can deploy agents.

Use to display the Overview page, which displays the results of your favorite search as well as an overview of the following information:

•

Top agent activity

•

Recent event activity

•

Count of events by event class, facility, location, severity, result or subsystem

•

Agent status for the entire enterprise or individual domain

•

Coordinator status for the entire enterprise or a single domain

•

Alert history counts

Use to display the Searches page, from which you can run searches, define new searches and enable alerting.

Statistics | Agent

Use to display the Agent Statistics page which provides a global view of all your agents, providing you with their current status and statistics.

Statistics | Coordinator

Use to display the Coordinator Statistics page which provides coordinator status, database information and agent connection, event and alert data.

Use to display the Administration Tasks tab which provides a single location where you can perform various administrative tasks related to configuring Change Auditor, customizing the auditing process and defining protection.

Close All Windows

Use to close all open windows.

List of open windows

The remainder of this menu lists all of the windows that are currently opened in the client. A check mark to the left of a window indicates the window that is currently active.

Use to display the Quest Change Auditor dialog which displays the following information:

•

The About tab displays the current version, patent, trademark and copyright statements.

•

The License tab provides license compliance information.

•

The Legal Notices tab displays acknowledgments for third party components that are used in Change Auditor

•

The Contact tab provides contact information for technical support, product questions and sales.

Use to display the contents and initial screen of the online help.

Tool bar buttons

The following table lists all of the commands available on the various tool bars in the client. It lists the commands/buttons in alphabetical order and provides a brief description of each command.


	NOTE: When a tool bar button contains an arrow to the far right, this indicates that you can expand the button to select an additional command.

Table 2. Tool bar buttons

Tool bar button

Change Auditor pages

Depending on the page, use to add an entry to a search criteria list, add an object to an auditing list, define a new template, create a scheduled purge job, etc.

Most Administration Tasks pages

Add Role Definition

Add Task Definition

Add Application Group

Use the Add options as defined below:

•

Add Role Definition - use to define a new role defining who is authorized to perform the selected tasks and/or operations.

•

Add Task Definition - use to define a new task defining the operations that can be performed.

•

Add Application Group - use to define a new Authorization Manager Application Group.

Application User Interface page

Use to add an entity (subsystem, event class, object class, severity or results) to the What search criteria list or purge criteria.

Add with Events

Use to add an entity that already has an event associated with it in the coordinator database to the What search criteria list or purge criteria.

Add with Events

Use to add an entity that already has an event associated with it in the coordinator database to the search or purge criteria.

Add | Add Wildcard Expression

Use to specify a wildcard expression for the search criteria or purge criteria.

Add | Add Server Types

Use to specify a server type for the search criteria or purge criteria.

Use to exclude a mailbox from Exchange auditing.

Exchange Mailbox Auditing page

Add | Select Multiple Objects

Use to define custom Active Directory and ADAM auditing - defining the objects, classes and/or attributes to be audited by Change Auditor.

Active Directory Auditing page

ADAM (AD LDS) Auditing page

Advanced Options | Advanced Options

Use to display the Advanced Deployment Options dialog where you can view or modify the following settings:

•

Specify Agent Installation Location

•

Specify a Custom Share on the Remove Server

•

Launch ServiceStatusTray of startup

•

Restart Agent on failure

•

Specify a Group Policy Backup

Deployment page

Advanced Options | ActiveRoles Integration

Deploy Scripts Only

Deploy Scripts and Excluded Accounts

Use the Active Roles integration options as described below:

•

Deploy Scripts Only - use to copy and run the Active Roles integration scripts on the Active Roles server. These scripts instruct Active Roles to capture the initiator information for all users and pass this information onto Change Auditor.

•

Deploy Scripts and Excluded Accounts - use to specify user and computer accounts that are to be excluded from this integration. Change Auditor then deploys the Active Roles integration scripts that signal Active Roles to retrieve the initiator information for all users except for those specified for exclusion.

Refer to the Quest Change Auditor Installation Guide for more information on Active Roles integration.

Deployment page

Alert Properties

Use to display the Alert properties across the bottom of the Alert History page.

Alert History page

Use to save your coordinator configuration settings.

Coordinator Configuration page

Use to assign an agent configuration to the selected agents or to assign a template to an agent configuration.

Agent Configuration page

Excluded Accounts Auditing page

SQL Auditing page

File System Auditing page

Registry Auditing page

Services Auditing page

File System Protection page

Use to enter a comment for the selected event.

Event Details pane

Use to display the Configuration Setup dialog to add, edit or delete agent configuration definitions.

Agent Configuration page

Use this button to select the domain controller to be used to apply ACLs or to revert back to the client’s default global catalog.

NOTE: This button is available only when you have selected to save your Active Directory and Group Policy protection templates to Active Directory using the Protection tab of the Coordinator Configuration tool.

Active Directory Protection page

Group Policy Protection page

Use to copy the displayed event details to the clipboard.

Event Details pane

Use to set, clear or test the credentials to be used for installing agents on the selected domain.

Deployment page

Use to reset the severity and enabled settings of the selected events back to the factory defaults.

Audit Events page

Use to reset all agent configurations back to the default configuration.

Agent Configuration page

Use to remove the selected entry from the list.

Application User Interface page

Member of Group Auditing page

AD Query Auditing page

Exchange Mailbox Auditing page

Purge Jobs page

Report Layouts page

Delete | Delete Administration Account

Use to remove the selected administration account from an Active Directory, ADAM (AD LDS), or Group Policy protection template.

Active Directory Protection page

ADAM (AD LDS) Protection page

Group Policy Protection page

Delete | Delete Agent

Use to remove the selected agent from an EMC or NetApp auditing template.

EMC Auditing page

NetApp Auditing page

Delete | Delete Excluded Account

Use to remove the selected account from an Excluded Accounts auditing template.

Excluded Accounts Auditing page

Delete | Delete File Path

Use to remove the selected file path from a File System auditing or protection template, an EMC auditing template or a NetApp auditing template.

File System Auditing page

EMC Auditing page

NetApp Auditing page

Delete | Delete Object

Use to remove the selected object from custom Active Directory or ADAM auditing; an Active Directory, ADAM (AD LDS) or Group Policy protection template.

Active Directory Auditing & Protection pages

ADAM (AD LDS) Auditing & Protection pages

Group Policy Protection page

Delete | Delete Object Class

Use to remove the selected object class from the Active Directory or ADAM (AD LDS) auditing list.

Active Directory Auditing page

ADAM (AD LDS) Auditing page

Delete | Delete Override Account

Use to remove the selected override account from a protection template.

Protection pages

Delete | Delete Path

Use to remove the selected path from the auditing template.

SharePoint Auditing page

Delete | Delete Registry Key

Use to remove the selected registry key from a Registry auditing template.

Registry Auditing page

Delete | Delete Service

Use to remove the selected service from a Service auditing template.

Service Auditing page

Delete | Delete SQL Instance

Use to remove the selected SQL instance from a SQL auditing template.

SQL Auditing page

Delete | Delete Template

Use to remove the selected auditing or protection template.

Protection pages

Delete Criteria

Use to remove the selected entry from the What search criteria list.

Use to launch the report designer to create a custom report layout for a selected search query.

Use to disable the selected events.

Event Details pane

Audit Events page

Used to disable a private alert.

Private Alerts and Reports page

Used to disable a private report.

Private Alerts and Reports page

Use to modify the selected item.

Most Administration Tasks pages, including:

•

Purge Jobs page

•

Report Layouts page

•

Application User Interface page

•

•

Protection pages

Edit Event Class

Use to modify the selected entry in the What search criteria list.

Use to modify the type of logons included in a logon search.

Use to launch the configured email client to email the selected event details.

Event Details pane

Use to enable the selected events.

Audit Events page

Event Details pane

Use to display the Event Details pane across the bottom of the Overview pane, Search Results page, or Alert History page.

Search Results page

Alert History page

Use to enable or disable event logging.

Agent Configuration page

Use to show the explorer view in the left-hand pane of the Searches page.

Use to search for text in the currently displayed trace log. Enter a word or string of characters to be located.

Use to force a topology harvest refresh to discover new servers added to the Active Directory forest and display them on the Deployment page.

NOTE: Topology scan takes a long time when the environment contains a large number of workstations.

Deployment page

Use to hide the explorer view and display only the Searches list on the Searches page.

Hide Properties

Use to hide the Search Properties tabs across the bottom of the Searches page.

Use to hide the Resource Properties pane across the bottom of the Agent Statistics page.

Agent Statistics page

Hide Uninstalled Agents

Use to remove uninstalled agents from the current Agent Statistics view.

Agent Statistics page

Hide Uninstalled Coordinators

Use to remove uninstalled coordinators from the current Coordinator Statistics view.

Coordinator Statistics page

High/Medium/Low

Use to change the severity level assigned to the selected events.

Audit Events page

Install or Upgrade

Use to install or upgrade an agent on the selected servers.

Deployment page

Use to display the associated Event Reference Guide.

Audit Events page

Event Details pane

View Coordinator Log

Use the Log options as described below:

•

Open Log - use to retrieve a Change Auditor trace log file and display it in the client.

•

Get All Logs - use to retrieve any associated logs and save them to a specified location on the local machine.

•

View Agent Log - use to display the current Change Auditor agent trace log in the Change Auditor client.

•

View Coordinator Log - use to display the current coordinator trace log in the client.

Agent Configuration page

Agent Statistics page

Coordinator Statistics page

Deployment page

Use to locate log entries that match the case that was entered in the search text.

Use the New options as described below:

•

New Folder - use to create a new folder in the explorer view of the Searches page.

•

New Search - use to create a new search definition.

Use to enable or disable the automatic deployment of agents to new servers found in your Active Directory forest.

Deployment page

Use to move to the next log entry that contains the search text.

Use to display the Overview panes across the bottom of the Overview page.

Preview Changes

Use to run the search based on the changes made to the search query and display the results in the current Search Results page.

Search Properties tabs (Search Results page)

Use to display a query results report.

Use to move to the previous log entry that contains the search text.

Use the print options to print or save the contents of the displayed page.

•

Print - use to send the contents of the active page to a designated printer.

•

Print to File - use to save the contents of the active page to either an Excel (.xls) or comma delimited (.csv) file.

•

Print to PDF - use to save the contents of the active page to a PDF file.

•

Print Preview - use to display the print layout of the active page prior to printing it.

•

Page Setup - use to define the page settings for printing.

Use to protect Active Directory objects, ADAM (AD LDS) objects, Group Policy Objects, Exchange mailboxes, File System files and folders against unauthorized modifications.

Event Details pane

Use to retrieve and display the latest data available.

Refresh Configuration

Use to retrieve the current agent configuration assignments.

Agent Configuration page

Use to refresh the deployment status of the selected servers.

Deployment page

Use to view additional details about the user who initiated the change, view resource details about the machine where the change occurred, or run related searches based on the who, where, what, when or origin of an event.

Event Details pane

Use to stop and then restart an agent. This button is only available when an agent is in an ‘active’ state.

Agent Statistics page

Use to restore the current value (To value) to a its previous value (From value).

NOTE: Applies to 6.x (and higher) events reporting Active Directory attribute changes only.

Event Details pane

Use to run the selected search and display the events returned in a new Search Results page.

Search Properties tabs

Use to save a newly created search or modifications made to a search definition.

Search Properties tabs

Save As Default

Use the Save As options as described below:

•

Save As - use to save the search definition using a different name and/or location.

•

Save As Default - use to save the search definition as the new default for creating new searches.

Search Properties tabs

Search Properties

Use to display the Search Properties tabs across the bottom of the page.

Search Results page

Use to select all the entries in the currently displayed trace log, which can then be copied for use in another application.

Set Agent Uninstalled

Use to flag the selected agent as ‘uninstalled’.

NOTE: This button is only available when the selected agent is in an ‘active’ state.

Agent Statistics page

Set Coordinator Uninstalled

Use to flag the selected coordinator as ‘uninstalled’.

NOTE: This button is only available when the selected coordinator is in an ‘active’ state.

Coordinator Statistics page

Shared Mailboxes

Use to view automatically detected shared mailboxes or to define a shared mailbox on the Exchange Mailbox auditing page.

Exchange Mailbox Auditing page

Show Matched Entries Only ()

Use to display only the log entries that match the word/string of characters entered in the search text.

Show Properties

Use to display the Search Properties tabs across the bottom of the Searches page.

Use to display the Resource Properties pane across the bottom of the Agent Statistics page.

Agent Statistics page

Show Uninstalled Agents

Use to include uninstalled agents in the current Agent Statistics view.

Agent Statistics page

Show Uninstalled Coordinators

Use to include uninstalled coordinators in the current Coordinator Statistics view.

Coordinator Statistics page

Use to start a stopped agent. This button is only available when an agent is in an ‘inactive’ state.

Agent Statistics page

Use to stop an agent. This button is only available when an agent is in an ‘active’ state.

Agent Statistics page

Use to generate a test email based on the configuration information entered in the SMTP Configuration pane.

Coordinator Configuration page

Use to generate a test SNMP trap based on the configuration information entered in the SMTP Configuration pane.

Coordinator Configuration page

Use to uninstall the agent from the selected servers.

Deployment page

Right-click commands

The following table lists the commands which are available through right-click functionality. The commands are listed in alphabetical order with a reference to the pages from which they can be accessed.

Table 3. Right-click commands

Present on the following pages

Add Application Group

Administration Tasks tab:

•

Application User Interface Authorization - Role

•

Application User Interface Authorization - Member

Add Task Definition

Administration Tasks tab:

•

Application User Interface Authorization - Role

•

Application User Interface Authorization - Member

Add Role Definition

Administration Tasks tab:

•

Application User Interface Authorization - Role

•

Application User Interface Authorization - Member

Enable Transport

Disable Transport

Searches page - Search definition (right pane)

NOTE: The History and Delete History options are only displayed when alerting has been enabled for a search.

Administration Tasks tab:

•

Audit Events - event

Administration Tasks tab:

•

Agent Configuration

Assign to Configuration

Administration Tasks tab:

•

Excluded Accounts Auditing - template or account

•

File System Auditing - template or file path

•

File System Protection - template or file path

•

Registry Auditing - template or registry key

•

Services Auditing - template or service

•

SQL Auditing - template or instance

•

SQL Data Level Auditing - template

Exchange Mailbox Auditing page - excluded mailbox

Deployment page - agent

Searches page - folder (left pane)

Overview page - event (data grid)

Search Results page - event (data grid)

Administration Tasks tab:

•

Coordinator Configuration - text boxes

•

Excluded Accounts Auditing - template

•

File System Auditing - template

•

Registry Auditing - template

•

Report Layouts - template

•

Services Auditing - template

•

SQL Auditing - template

•

SQL Data Level Auditing - template

Event Details pane (text boxes)

Overview page - event (data grid)

Search Properties tabs:

•

Report tab (text boxes)

•

Info tab (text boxes)

Searches Results page - event (data grid)

•

Folder (left pane)

•

Search definition (right pane)

Deployment page - agent

Administration Tasks tab:

•

Coordinator Configuration (text boxes)

Search Properties tabs:

•

Report tab (text boxes)

•

Info tab (text boxes)

•

Folder (left pane)

•

Search definition (right pane)

Administration Tasks tab:

•

Active Directory Auditing - object

•

Active Directory Auditing - object class

•

Application User Interface Authorization - role

•

Coordinator Configuration - text boxes

•

EMC Auditing - template or file path

•

Exchange Mailbox Auditing - mailbox

•

Exchange Mailbox Protection - template or mailbox

•

Excluded Account Auditing - template or account

•

AD Query Auditing - container

•

File System Auditing - template or file path

•

File System Protection - template or file path

•

NetApp Auditing - template or file path

•

Purge Jobs - job

•

Registry Auditing - template or registry key

•

Report Layouts - template

•

Services Auditing - template or service

•

SharePoint Auditing - template or path

•

SQL Auditing - template or instance

•

SQL Data Level Auditing - template

•

VMware Auditing - template

Search Properties tabs:

•

Report tab (text boxes)

•

Info tab (text boxes)

•

Folder (left pane)

•

Search definition (right pane)

Administration Tasks tab:

•

Active Directory Auditing - object

•

Active Directory Protection - template or object

•

Audit Events - event

•

EMC Auditing - template or file path

•

Exchange Mailbox Auditing - mailbox

•

Exchange Mailbox Protection - template or mailbox

•

Excluded Accounts Auditing - template

•

AD Query Auditing - container

•

File System Auditing - template or file path

•

File System Protection - template or file path

•

Group Policy Protection - template or object

•

NetApp Auditing - template or file path

•

Purge Jobs - job

•

Registry Auditing - template or registry key

•

Services Auditing - template or service

•

SharePoint Auditing - template or path

•

SQL Auditing - template or instance

•

SQL Data Level Auditing - template

•

VMware Auditing - template or host

Overview page - event (data grid)

Search Results page - event (data grid)

Private Alerts and Reports page

Private Alerts and Reports page

Administration Tasks tab:

•

Active Directory Auditing - object or object class

•

Active Directory Protection - template, object or attribute protection

•

Application User Interface Authorization - role

•

EMC Auditing - template or file path

•

Exchange Mailbox Protection - template or mailbox

•

Excluded Accounts Auditing - template or account

•

File System Auditing - template or file path

•

File System Protection - template or file path

•

NetApp Auditing - template or file path

•

Purge Jobs - job

•

Registry Auditing - template or registry key

•

Report Layouts - template

•

Services Auditing - template or service

•

SharePoint Auditing - template or path

•

SQL Auditing - template or instance

•

SQL Data Level Auditing - template

•

VMware Auditing - template or host

Overview page - event (data grid)

Search Results page - event (data grid)

Administration Tasks Tab:

•

Active Directory Auditing - object

•

Active Directory Protection - template or object

•

Audit Events - event

•

EMC Auditing - template or file path

•

Exchange Mailbox Auditing - mailbox

•

Exchange Mailbox Protection - template or mailbox

•

Excluded Accounts Auditing - template

•

AD Query Auditing - container

•

File System Auditing - template or file path

•

File System Protection - template or file path

•

NetApp Auditing - template or file path

•

Purge Jobs - job

•

Registry Auditing - template or registry key

•

Services Auditing - template or service

•

SharePoint Auditing - template or path

•

SQL Auditing - template or instance

•

SQL Data Level Auditing - template

•

VMware Auditing - template or host

Overview page - event (data grid)

Search Results page - event (data grid)

Overview page - event (data grid)

Search Results page - event (data grid)

Exchange Mailbox Auditing page - audited mailbox

Searches page - folder (left pane)

•

Folder (left pane)

•

Search definition (right pane)

Hide Properties

•

Folder (left pane)

•

Search definition (right pane)

Agent Statistics page - agent

High/Medium/Low

Administration Tasks tab:

•

Audit Events Auditing

Searches Page - folder (left pane)

Searches Page - folder (left pane)

Install or Upgrade

Deployment page - agent

Administration Tasks Tab:

•

Audit Events Auditing

Overview page - event (data grid)

Search Results page - event (data grid)

View Coordinator Log

Agent Statistics page - agent

Coordinator Statistics page - coordinator

Deployment page - agent

•

Folder (left pane)

•

Search definition (right pane)

•

Folder (left pane)

•

Search definition (right pane)

Overview page - event (data grid)

Administration Tasks tab:

•

Coordinator Configuration (text boxes)

Search Properties tabs:

•

Report tab (text boxes)

•

Info tab (text boxes)

•

Folder (left pane)

•

Search definition (right pane)

Publish to Quest Knowledge Portal

•

Folder (left pane)

•

Search Definition (right pane)

Administration Tasks tab:

•

Coordinator Configuration (text boxes)

Search Properties tabs:

•

Report tab (text boxes)

•

Info tab (text boxes)

Refresh Configuration

Administration Tasks tab:

•

Agents Configuration

Deployment page - agent

Searches page - folder (left pane)

Searches page - search definition (right pane)

Agent Statistics page - agent

Searches page - Search definition (right pane)

Exchange Mailbox Auditing page - audited mailbox

Search Properties

Search Results page - event (data grid)

Active Directory Protection page - object

Group Policy Protection page - object

Administration Tasks tab:

•

Coordinator Configuration - text boxes

Event Details pane - text boxes

Search Properties tabs:

•

Report tab (text boxes)

•

Info tab (text boxes)

Set Agent Uninstalled

Agent Statistics page - agent

Set As My Favorite

Searches page - Search definition (right pane)

Set Coordinator Uninstalled

Coordinator Statistics page - coordinator

Show Properties

•

Folder (left pane)

•

Search Definition (right pane)

Agent Statistics page -agent

Agent Statistics page - agent

Agent Statistics page - agent

Administration Tasks tab:

•

Audit Events - event

Success and Protected Only

Administration Tasks tab:

•

Audit Events - event

Success and Failed Only

Administration Tasks tab:

•

Audit Events - event

Administration Tasks tab:

•

Coordinator Configuration - text boxes

Search Properties tabs:

•

Report tab (text boxes)

•

Info tab (text boxes)

Deployment page - agent

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center