立即与支持人员聊天
与支持团队交流

Change Auditor 7.4 - User Guide

Change Auditor Overview Agent Deployment Change Auditor Client Overview Overview Page Searches Search Results and Event Details Custom Searches and Search Properties Enable Alert Notifications Administration Tasks Agent Configurations Coordinator Configuration Purging and Archiving your Change Auditor Database Disable Private Alerts and Reports Generate and Schedule Reports SQL Reporting Services Configuration Change Auditor User Interface Authorization Client Authentication Certificate authentication for client coordinator communication Integrating with On Demand Audit Enable/Disable Event Auditing Account Exclusion Registry Auditing Service Auditing Agent Statistics and Logs Coordinator Statistics and Logs Change Auditor Commands Change Auditor Email Tags

Configure email alert notifications/reports

To dispatch alerts and reports through email, SMTP or Microsoft 365 Mail, you need to enable notification and define the email settings.

1
Open the Administration Tasks page and click Configuration at the bottom of the navigation pane (left pane).
2
Select Coordinator in the Configuration task list to open the Coordinator Configuration page.

 

Disabled

Select to disable email notifications.

SMTP

Select this to enable SMTP email alert notifications and reporting. When this option is selected, you can specify a mail server and authentication options for the SMTP email configuration.

Server Requires Authentication : Select this check box if the specified email server requires authentication and enter the account information as described below.
Enable SSL : Select this check box to enable Secure Socket Layer (SSL) encryption protocol to create a secure connection for transmitting data from the email server.
Requires Comma-Separated Addresses: Select this option if your SMTP server requires comma separated addresses when multiple recipients are specified.
Mail Server: When SMTP is enabled for alerts and reporting, enter the name or IP address of the email server in this text box.
Account Name : Enter the account name required to authenticate to the specified email server. Instead of entering the account name, you can use the browse button to the far right of the Account Name field to select the account to be used. Clicking this button displays the Select Active Directory Object dialog (Directory object picker). Use the Browse or Search pages to locate the user account to be used to authenticate to the email server.
Password : Enter the password associated with the account name entered above. Blank passwords are not allowed.

Microsoft 365 Mail

Select this to enable Microsoft 365 Mail alert notifications and reporting. When this option is selected, you can specify an Azure Directory Name and web application for the email configuration.

Azure Directory Name: The name of the Azure Directory for Microsoft 365 Mail.
Application ID: The Azure web application ID. If required select Create New to create a new application. (When creating a new web application, the account provided must hold the Global Administrator role in the specified Azure Active Directory.)
Application Key: The Azure web application key.

From Address

Enter the email address from which alert notifications and reports are to originate.

You can use the browse button to select the user whose email address is to be used for alert notifications and email reports. Clicking this button displays one of the following dialogs:

The Select Active Directory Objects dialog (Directory object picker) allows you to locate and select an Active Directory user. Use the Browse or Search page to locate and select an Active Directory user.
The Select Exchange Users dialog allows you to search for and select a mail-enabled object from the Exchange Global Access List (GAL). On the Exchange tab, enter a name or partial name, at least three characters long, and click the Search button to lookup mail-enabled objects in the GAL. On the Active Directory tab, use the Browse or Search page to locate and select an Active Directory user.

This dialog is displayed when an Exchange host is defined in the Coordinator Configuration page.

Reply To

Enter the address where replies to alert/report emails are to be sent.

You can use the browse button to select the user whose email address is to be used for alert notifications and email reports. Clicking this button displays one of the following dialogs:

The Select Active Directory Objects dialog (Directory object picker) allows you to locate and select an Active Directory user. Use the Browse or Search page to locate and select an Active Directory user.
The Select Exchange Users dialog allows you to search for and select a mail-enabled object from the Exchange Global Access List (GAL). On the Exchange tab, enter a name or partial name, at least three characters long, and click Search to lookup mail-enabled objects in the GAL. On the Active Directory tab, use the Browse or Search page to locate and select an Active Directory user.

This dialog is displayed when an Exchange host is defined in the Coordinator Configuration page.

Alert Subject

 

Enter a customized subject line to replace the default text in the subject line for alert notifications. The default subject line contains the following information:

Change Auditor %Alert_Type% from %Alert_Coordinator_Name%: %Alert_Name%

Where:

%Alert_Type% is either ‘Alert’ or ‘Smart Alert’
%Alert_Coordinator_Name% is the name of the coordinator generating the alert
%Alert_Name% is the name of the alert that fired

Click the browse button to select the variables to insert into the subject line or to reset it back to the default content. Expand the Insert Variable option to insert one or more of the following variables into the subject line:

Select Restore To Default to reset the subject line back to the default content. That is, remove any variables that were inserted.

Send Plain Text Email

Select this option to have the email notification sent in plain text format. (Default)

Send HTML Email

Select this option to have the email notification sent in HTML format.

Configure Body

Click this button to define the content of the main body, the event details and the signature to be included in your alert emails.

NOTE: The Alert Body Configuration settings do not apply to email reports. To define the content (columns) to be included in a report, use the Layout tab. In addition, you can use the Report Layouts page (Administration Tasks tab) to create customized report layout template(s) defining the header and footer information to be used in your reports.

Mailbox Search (optional)

Entering the Exchange host information allows you to lookup email recipients from the Exchange GAL in addition to Active Directory. That is, when you click a browse button on the SMTP Configuration pane, Alert Custom Email dialog or Report tab to lookup an email recipient, the Select Exchange Users dialog appears which contains both an Exchange tab and an Active Directory tab.

Exchange Host: Enter the internet host name of the Exchange email server and the Exchange version associated with the specified Exchange host.
Email: Enter your full email address.
My Host Requires Authentication : Select this check box if the specified Exchange host requires authentication and enter the account name and password.
Account Name : Enter the user account name used to log into your email account. You can also use the browse button to select the account to be used. Clicking this button displays the Select Active Directory Object dialog (Directory object picker). Use the Browse or Search pages to locate the user account to be used to authenticate to the Exchange host.
4
Click Test Mail to test the configuration.
5
Once the email server configuration is verified, click Apply Changes to save the configuration.

Customize alert email content

In addition to the customizable fields (Reply To, Alert Subject and Signature) on the Coordinator Configuration dialog, you can use the Configure Body button to define the content to be used in the main body of your alert emails as well as the event details to be included.

NOTE: The Alert Body Configuration settings do not apply to email reports. To define the content (columns) to be included in a report, use the Layout tab. In addition, you can use the Report Layouts page (Administration Tasks tab) to create customized report layout templates defining the header and footer information to be used in your reports.
1
Click Configure Body to display the Alert Body Configuration dialog.
2
Select the appropriate option (at the bottom of the dialog) to edit either the Plain Text (default) or the HTML representation of the alert emails.
3
Use the Main Body tab to enter the text to be included and define the overall layout of the alert body.
Select the Show Variables check box to display the variables that can be added to the main body of your email.
4
Use the Event Details tab to specify the event details to be included. That is, you can rearrange the entries, remove entries, or modify text, etc.
Select the Show Variables check box to display a list of the variable that can be added to the event details of your alert email.
NOTE: Do not modify the blue text surrounded by percent signs (such as %USERNAME%). These are tags which represent actual data retrieved from the Change Auditor event that triggered the alert. See Change Auditor Email Tags for more information on these tags and the data retrieved by each.
5
Use the Signature tab to define the content of the signature line to be used in alert emails.
6
7
Once defined, click OK to save your settings and close the Alert Body Configuration dialog.
NOTE: Click Restore to Default to revert back to the default email content and format.

Shared Folder Configuration

To allow users to send reports to a shared folder, you must specify credentials to use to write reports and a default shared folder.

2
Select Coordinator in the Configuration task list to open the Coordinator Configuration page.
3
Under Shared Folder Configuration, select Enable Shared Folder for Reporting. Checking this option activates the remaining fields on this page to define the account credentials and folder to use.
5
Select a shared folder to use as the default when users select to enable reporting for a search. Select Test access to ensure that the folder exists and the specified account has permissions to write to it.

Group Membership Expansion

The middle pane of the Coordinator Configuration page contains options which allow you to define the schedule for expanding nested membership of Active Directory groups that are referenced in searches (Who search criteria) or groups that are defined in the Member of Group feature. Group membership will be recursively enumerated in order to determine nested group membership.

Use the following options to define group membership expansion behavior:

Select one of the following options to define how you want to expand groups:

Expand all groups - This expands all groups in the forest. Use this only if you are using SSIS and need the freedom to make requests for any group in the forest.
Expand groups that are referenced in existing queries - Change Auditor must expand all groups in queries in order to get their membership. With the membership, the events for the groups can be retrieved. This is always done and cannot be disabled.
Expand groups that are referenced in existing queries and selected groups (default) - In addition to the groups referenced in existing queries, you have the ability to select other groups. This would be useful when you have groups that need expansion for SSIS database requests, but you do not want to burden your production system with expanding all groups in the environment.

Group Membership Expansion list

The Group Membership Expansion list box is only available when the Expand groups that are referenced in existing queries and selected groups option is selected and displays a list of the groups to be expanded. Use Add to add groups to this list box and Remove to remove groups from the list box.

Add

Use to add groups to the group membership expansion list. Clicking this button will display the Select Active Directory Objects dialog allowing you to locate and select the groups to be added.

See Directory object picker for a description of the Browse, Search and Options pages. Note that the Find field on this dialog will display Group and cannot be changed.

Remove

Use to remove the selected group from the group membership expansion list.

Select from the following options to define how often you want to refresh the group membership expansion list.

Refresh group membership every nnn minutes

By default, group membership will be refreshed every 360 minutes. Use the arrow controls to increase or decrease this value.

Valid range: 10 - 43200

Number of groups to expand every 5-minute cycle

By default, 20 groups will be expanded every 5-minute cycle. Use the arrow controls to increase or decrease this value

Valid range: 1 - 100000

Refresh the list of expanded groups every nnn minutes

By default, the group membership expansion list is refreshed every 180 minutes. Use the arrow controls to increase or decrease this value.

Valid range: 10 - 43200

Defaults

Use to reset the fresh frequency settings back to the factory defaults.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级