ADMonitor

EventSentry offers native Active Directory and Group Policy change monitoring


Download Now Request a demo


Active Directory Monitoring with ADMonitor

EventSentry can monitor all changes to Active Directory and Group Policy objects down to the attribute level with ADMonitor, an optional Add-On.

Since Active Directory is a central database that stores all users, groups and computer objects of an organization, tracking all activity is crucial in order to maintain a secure network. Idle users and undetected changes can seriously compromise the security of a Windows domain.

Monitoring Active Directory changes using the security event log however is difficult, inefficient and cumbersome. ADMonitor solves this problem by monitoring Active Directory directly - with little reliance on the security event log.

ADMonitor offers the following functionality:

  • Show all object changes down to the attribute level
  • User inventory that Identifies idle accounts, disabled accounts, stagnant passwords and more
  • Group Policy changes with before and after value
  • Extensive reporting and alerts

ADMonitor completely integrates with EventSentry and is usually setup in less than 2 minutes.


ADMonitor
EventSentry ADMonitor Demo

Built-In Functionality vs ADMonitor

Feature EventSentry Built-In EventSentry ADMonitor
Detect User & Group Changes Yes Yes
Detect Any Attribute Change No Yes
Before & After Values No Yes
Requires Detailed Auditing Yes No
Monitor Group Policy Changes No Yes
Identify Problematic AD User Accounts No Yes
Detect Local (Non-AD) User & Group Changes Yes No
Licensed Separately No Yes

Blog Post
https://www.eventsentry.com/blog/2019/03/eventsentry-v4-0-introducing-admonitor.html

Review
https://4sysops.com/archives/eventsentry-4-0-siem-with-active-directory-monitoring/