Active Directory subsystems (for example, Net Logon) provide for security functions; therefore, errors in their operation may indicate security breaches. This InTrust report helps track such errors.
Errors or warnings from the event log could be an indication of intruder activity or an auditing system malfunction. This InTrust report shows situations when event logs generated warnings or errors.
This InTrust report shows situations when a logon failed because the Net Logon service was not running or because an unspecified error occurred. The Net Logon service is used for authenticating users and services via a secure channel between a workstation and a domain controller. The report helps respond to such significant errors as soon as possible.
This InTrust report shows some events from the security policy subsystem which could be an indication of intruder activity or a potential security breach.
This InTrust report shows windows file protection system events. They indicate activity that might affect critical system files. Events not caused by legitimate tasks (such as installing or uninstalling software) may indicate intrusion attempts.
This InTrust report summarized each program executed by server and how many times the program was executed during selected time period.
This InTrust report shows whether the applications you specify were started. If an application is prohibited, its launch may indicate a security issue. What is more, running restricted software often means corporate policy violations.
This InTrust report shows the number of reboots for the servers in your environment within a specified time period. Click a number in the Count column to view details of each reboot event in a subreport. If reboots are too frequent or too numerous, this may indicate a problem with the computers where they occur.
This InTrust report shows both expected and unexpected server reboots (Windows 2003, Windows 2008 only). Notes: Please ensure than Shutdown Event Tracker service is enabled at your servers.
The set of system services installed is a significant term of server configuration. Unauthorized service installation attempt may indicate that system intrusion is occurred. This InTrust report is based on the following events: 4697 for Windows 2008/Vista, 601 for other Windows versions
This InTrust report helps track what software products are installed or failed to install on which computers. The report shows only those products whose setup programs use Windows Installer. Using the Grouping filter, you can organize the information as necessary. To see what software was installed on particular computers, use grouping by computer. To find out where certain software products were installed, use grouping by software product.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center