ADMonitor
Download Now Request a demo
Active Directory Monitoring with ADMonitor
EventSentry can monitor all changes to Active Directory and Group Policy objects down to the attribute level with ADMonitor, an optional Add-On.
Since Active Directory is a central database that stores all users, groups and computer objects of an organization, tracking all activity is crucial in order to maintain a secure network. Idle users and undetected changes can seriously compromise the security of a Windows domain.
Monitoring Active Directory changes using the security event log however is difficult, inefficient and cumbersome. ADMonitor solves this problem by monitoring Active Directory directly - with little reliance on the security event log.
ADMonitor offers the following functionality:
- Show all object changes down to the attribute level
- User inventory that Identifies idle accounts, disabled accounts, stagnant passwords and more
- Group Policy changes with before and after value
- Extensive reporting and alerts
ADMonitor completely integrates with EventSentry and is usually setup in less than 2 minutes.
EventSentry ADMonitor Demo
Built-In Functionality vs ADMonitor
| Feature | EventSentry Built-In | EventSentry ADMonitor |
|---|---|---|
| Detect User & Group Changes | Yes | Yes |
| Detect Any Attribute Change | No | Yes |
| Before & After Values | No | Yes |
| Requires Detailed Auditing | Yes | No |
| Monitor Group Policy Changes | No | Yes |
| Identify Problematic AD User Accounts | No | Yes |
| Detect Local (Non-AD) User & Group Changes | Yes | No |
| Licensed Separately | No | Yes |
Blog Post
https://www.eventsentry.com/blog/2019/03/eventsentry-v4-0-introducing-admonitor.html
Review
https://4sysops.com/archives/eventsentry-4-0-siem-with-active-directory-monitoring/
Event Log Monitoring
Reporting
Health Monitoring
Compliance
ADMonitor
Management
Log File Monitoring
Network Monitoring
Environment
Notifications
Log Consolidation
Full Feature List