立即与支持人员聊天
与支持团队交流

ControlPoint 8.8.1 - Administration Guide

Preface Configuring the Environment in Which ControlPoint Will Run The ControlPoint Configuration Site Managing Your Farm List Managing Your ControlPoint License Granting ControlPoint Access to Web Applications and Content Databases Configuring ControlPoint Services Using Discovery to Collect Information for the ControlPoint Database Cache Using Sensitive Content Manager Services Managing ControlPoint Configuration and Permissions Preparing Your Environment for Using ControlPoint Sentinel Modifying ControlPoint Configuration Settings
Changing Default Settings for Actions and Analyses Changing Default Settings to Improve Application Performance Audit Log Configuration Settings Changing Settings for Anomalous Activity Detection Restricting Functionality for Members of the Business Administrators Group Changing Default Settings for ControlPoint User Groups Changing Settings to Improve Discovery Performance Changing Settings to Accommodate Special Environmental Factors Changing Default Settings for Navigation Managing Site Provisioning Settings Specifying Global Settings for ControlPoint Policies Setting Preferences for the ControlPoint Scheduler Miscellaneous and Custom Configuration Settings Special-Purpose Configuration Settings
Changing Trace Switch Logging Levels Archiving SharePoint Audit Log Data Troubleshooting
ControlPoint Log Files Troubleshooting Configuration Errors Troubleshooting the ControlPoint Application Interface Troubleshooting Discovery Troubleshooting SharePoint Users and Permissions Troubleshooting Site Provisioning Troubleshooting ControlPoint Operations

Excluding Users from Audit Log Analyses (ExcludeUsersAudit)

By default, unless one or more users are specified in the People Picker, all SharePoint users are included in the ControlPoint Audit Log analysis.

ControlPoint Application Administrators can, however, exclude certain users from these analyses by entering the user account name(s) as the Value for the ControlPoint Configuration Setting Users to Exclude from Audit Log Analyses (ExcludedUsersAudit).  Enter multiple account names as a comma-separated list.

You may, for example, want to exclude common system accounts such as SharePoint\System.

NOTE:  You must exclude users based on full account names (sometimes known as pre-Windows 2000 account names in Active Directory), not display names.  For example, you cannot exclude system accounts by entering the display name System Account.

Config Settings ExcludeUsersAudit

Note that you can still run Audit Log analyses on excluded users if you enter them in the People Picker.  

NOTE:  Users can be excluded from permissions and activity analyses via the ControlPoint Configuration Setting Users to Exclude from Reports (EXCLUDEDUSERS).

 

Specifying Whether to Display Site Names in Audit Log Analyses (PROCESSAUDITNAMES)

By default, ControlPoint Audit Log analysis results include name of the Site on which audited activity occurred.  The process required for ControlPoint to collect this information is time-consuming and may affect performance, especially if the scope of the analysis is large.

PROCESSAUDITNAMEStrue

ControlPoint Application Administrators can, however, prevent this process from being carried out by changing the ControlPoint Configuration Setting PROCESSAUDITNAMES from True to False.

Config Setting PROCESSAUDITNAMES

Note that, if PROCESSAUDITNAMES is set to false, you can use the url to identify the site where audited activity occurred.

PROCESSAUDITNAMESfalse

 

Changing Settings for Anomalous Activity Detection

The following ControlPoint Sentinel Anomalous Activity Detection settings display under the category Audit Log.

·Enabling Anomalous Activity Detection via the ControlPoint Scheduled Job Review

·Changing the Subject and/or Body of Anomalous Activity Detection Emails

Enabling Anomalous Activity Detection via the ControlPoint Scheduled Job Review

As part of preparing your environment for using ControlPoint Sentinel, Anomalous Activity Detection must be enabled to run:

·via the ControlPoint Anomalous Activity Detection job in Central Administration

OR

·as part of the ControlPoint Scheduled Job Review, by changing the ControlPoint Setting Enable Options That Require Anomalous Activity Detection from False to True.

NOTE:  This is an Advanced Setting in the Audit Log category.

Config Setting AADENABLED

See also "Preparing Your Environment for Using ControlPoint Sentinel" in the ControlPoint User Guide.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级