Versions Compared

Version Old Version 12 New Version 13
Changes made by

Former user

Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel2
maxLevel2
typeflat

Purpose

The Windows System Audit Activeboard performs detailed system-level analysis on the Windows host by analyzing system events, account login statuses, and policy changes.

Expand
titleWatch video tutorial
Widget Connector
overlayyoutube
_templatecom/atlassian/confluence/extra/widgetconnector/templates/youtube.vm
width600600px
urlhttps://youtuwww.youtube.becom/watch?v=QEh86RxXDFc
height300px

Pre-requisites

To run this Activeboard, you must have the following data sources available on your domain:

Open Windows System Audit Activeboard

Once you have installed the application, you can access the Activeboard in the following ways:

Go to Exchange in the navigation and look for the Activeboard you want to open. Click Open.

Go to Activeboards in the navigation pane and use the filter to open the Activeboard you downloaded.

Info

Know more about Activeboards

Refer to Manage and filter Activeboards article to know how to work with Activeboards.

Exploring the Activeboard

When opening the Windows System Audit Activeboard, the following info display:

Note

Load data takes too long

Sometimes some widgets take time to upload the data, it is possible to speed up the process by creating aggregation tasks. Refer to Aggregation tasks article to learn how to do it.

Expand
titleClick here to see the details

Widget

Details

Filter by Host

Total Audit Success

Total Audit Failures

Events Over Time

Account logons

Accounts with 10 or more failed loggons per hour

More Recent Audit Events

Processes created

Audit Policy changes