立即与支持人员聊天
与支持团队交流

Change Auditor 7.3 - User Guide

Change Auditor Overview Agent Deployment Change Auditor Client Overview Overview Page Searches Search Results and Event Details Custom Searches and Search Properties Enable Alert Notifications Administration Tasks Agent Configurations Coordinator Configuration Purging and Archiving your Change Auditor Database Disable Private Alerts and Reports Generate and Schedule Reports SQL Reporting Services Configuration Change Auditor User Interface Authorization Client Authentication Certificate authentication for client coordinator communication Integrating with On Demand Audit Enable/Disable Event Auditing Account Exclusion Registry Auditing Service Auditing Agent Statistics and Logs Coordinator Statistics and Logs Change Auditor Commands Change Auditor Email Tags

Using custom filters

The following procedures walk you through a few scenarios using custom filters.

1
Run the All Events search.
3
5
1
Run the All Events search.
3
5

Directory object picker

Throughout the client, the directory object picker is used to locate and select Active Directory objects from the environment. This object picker is displayed in either a stand-alone dialog (such as the Select Active Directory Objects dialog) or as a page in a wizard. The client needs to be able to connect to a Global Catalog (GC) to display the object picker and query objects. The client contacts the coordinator to get the Global Catalog that should be used. The coordinator attempts to choose a GC in its local domain and site. If none is found, it chooses one in its domain, then in the local site, and lastly the entire forest. It is recommended to have the coordinator and the client reside in the same site and/or domain so that the directory object picker performs more efficiently.

The object picker consists of the following pages:

Browse - use the Browse page to select a directory object from a hierarchical view of your environment
Search - use the Search page to search your environment to locate and select a directory object
Options - use the Options page to view or modify search options used to retrieve directory objects
2
In the Forest field, select the forest that contains the required directory objects.
Use the F5 button to force a refresh of the contents of this pane.
5
In the object list, click the object to select it and use the Add button to add it to the Selected Objects list at the bottom of the dialog.
6
Once you have added objects to this list, use the Select button to save your selection and close the dialog. Or if the directory object picker is part of a wizard, click Next to save your selection and continue.
2
In the Find field, either enter or use the drop-down menu to select the type of directory object to be located.
3
In the Name field, specify a search expression to be used to search Active Directory to locate a particular object. In most cases, this field will contain an asterisk (*) indicating to search for all objects of the type specified in the Find field.
Select the ANR check box to use Ambiguous Name Resolution (ANR) as the search algorithm, which allows you to enter limited input (partial data) to find multiple objects in your network.
When the ANR check box is checked, use one of the following methods to enter your search expression:
When the ANR check box is not checked, the search expression entered will be used to search only the Display Name of directory objects to locate a particular object.
4
After entering a search expression, use the Search button to initiate the search and return the results of the search.
6
Once you have added objects to this list, use the Select button to save your selection and close the dialog. Or if the directory object picker is part of a wizard, click Next to save your selection and continue.
2
The Search Limit field specifies the maximum number of records to return for an Active Directory object search. The default is 2000 records.
3
The Page Size field displays the maximum number of records to return per LDAP polling cycle.
4
Once you have made changes on the Options page, use the Select button to save your selection and close the dialog. If the directory object picker is part of a wizard, click Next to save your selection and continue.

Overview Page

Overview

Once agents are deployed, the Overview page initially displays when the client successfully connects to a coordinator. This page highlights application details based on your preference. For example, you can display Agent Status, Top Agent Activity, Recent Event Activity, Coordinator Status, Event Counts, or Alert History Counts.

You can view a real-time stream of events based on a ‘favorite’ search definition. By default, the top pane uses the Change Auditor Real-Time search definition and display all events (up to 10,000 records) generated in the last 20 minutes. You can, however, define a different ‘favorite’ search and the events captured from that search will then be displayed across the top of the Overview page.

The information on this page is captured when the client starts. To refresh all of the information displayed on the Overview page, select Refresh. Also, when you select a different pane for display, the latest information for the 'new' pane will be displayed.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级