Chat now with support
Chat with Support

Change Auditor 7.4 - User Guide

Change Auditor Overview Agent Deployment Change Auditor Client Overview Overview Page Searches Search Results and Event Details Custom Searches and Search Properties Enable Alert Notifications Administration Tasks Agent Configurations Coordinator Configuration Purging and Archiving your Change Auditor Database Disable Private Alerts and Reports Generate and Schedule Reports SQL Reporting Services Configuration Change Auditor User Interface Authorization Client Authentication Certificate authentication for client coordinator communication Integrating with On Demand Audit Enable/Disable Event Auditing Account Exclusion Registry Auditing Service Auditing Agent Statistics and Logs Coordinator Statistics and Logs Change Auditor Commands Change Auditor Email Tags

Working with an On Demand Audit configuration

You can view the On Demand Audit configuration details in Change Auditor; however, the configuration is managed (paused, started, or removed) through On Demand Audit. See the On Demand Audit User Guide for details.

1
From the Administration Tasks, select Configuration | On Demand Audit.
2
Click Refresh to update the information.

ActiveBatchSize

The current batch size. (The current number of events to include in a single notification message.) The batch size is automatically adjusted based on network throughput and system performance. Its value never exceeds the specified batch size.

AllowedCoordinators

List of coordinators permitted to send events.

BatchSize

Batch size. (The maximum number of events that the active batch size can increase to.)

BatchesSent

Number of batches sent.

Enabled

Whether the subscription is enabled.

EventsSent

Number of events sent.

LastCoordinator

The coordinator that is sending events. If the subscription is disabled, this is the last coordinator that sent events.

LastEventResponse

The last event response. Provides the response in JSON format from the event receiver.

LastEventTimeUTC

When the last event was sent.

NotificationInterval

How often how often (in milliseconds) notifications are sent.

StartTimeUTC

Starting point in time for events being sent.

Subscription Id

The subscription ID.

Subsystems

Subsystems that contain the event data being sent.

Webhook Subscription Id

The webhook subscription ID.

1
From the Administration Tasks, select Configuration | On Demand Audit.

 

 

Enable/Disable Event Auditing

Introduction

You can enable/disable the auditing of individual events so that Change Auditor is auditing only those events that are vital to your organization’s operation. In addition, you can modify the severity level (high, medium, or low) and description assigned to each event. The severity level is used when processing events and to help you in determining the potential level of risk associated with each configuration change event.

Audit Events page

The Audit Events page is displayed when Audit Events is selected from the Auditing task list in the navigation pane of the Administration Tasks tab, and lists all of the events available for auditing. It also displays the facility and subsystem to which the event belongs, the severity assigned to each event, if the event is enabled or disabled and the type of license that is required.

The Audit Events page contains an alphabetical list of all the Change Auditor events, including the following information:

Severity

Indicates the severity level assigned to each event:

When your cursor is placed in this cell, a drop-down arrow is added allowing you to change an event’s severity setting.

Facility Name

Displays the name of the facility to which each event belongs.

Event Class

Displays a descriptive title for each event.

Status

Indicates whether the event is enabled or disabled.

When your cursor is placed in this cell, a drop-down arrow is added allowing you to either enable or disable the event.

License Type

Displays the type of Change Auditor license required for each event:

Results

Displays the result criteria used to capture change events. That is, you can use the options in this column to specify if an event is to be captured based on the results of the operation mentioned in the event.

For example, if you only want to capture successful events where the operation occurred as stated in the event, you would set this to Success Only. Then, if the change was prevented from occurring as stated in the event (because the object was protected by Change Auditor or the operation was prevented due to a factor/setting outside of Change Auditor’s control) the associated event would not be captured.

Subsystem

Displays the name of the subsystem to which each event belongs.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating