Knowledge Base


The EventSentry service uses Microsoft39s LDAP library to resolve GUIDs from Active Directory at startup and during runtime. The port number will vary on different machines and might change during runtime. The Microsoft LDAP library opens up both a TCP and UDP connection upon initialization and connection to the nearest domain controller. T...

KB-ID 148
Category: Security
Applies to:

By default the EventSentry agent runs under the LocalSystem account which has unrestricted access to Operating System resources which ensures that all components of the system can be monitored accurately. You can change the account the agent is running under through the Services application in the Administrative Tools but some manual conf...

KB-ID 184
Category: Security
Applies to: All Versions

By default EventSentry is not affected by the Heartbleed unless SSL is enabled on the builtin PostgreSQL database. See below for a list of all EventSentry components: EventSentry Agent: Does not use OpenSSL not vulnerable EventSentry Heartbeat Agent: Does not use OpenSSL not vulnerable EventSentry Network Services: Does not use Ope...

KB-ID 256
Category: Security
Applies to: 2.93.x to 3.0.1.67

Yes this is only takes a few minutes to configure. Use the EventSentry console toolbar and click Tools Embedded Scripts Make a new script and give it a name that ends with .bat such as blockpetya.bat Select the new script and create its contents on the right. Paste this line: if not exist systemroot\perfc. echo systemro...

KB-ID 354
Category: Security
Applies to: 2.93 and later

Yes this is only takes a few minutes to configure. Use the EventSentry console toolbar and click Tools Embedded Scripts Make a new script and give it a name that ends with .bat such as blockbadrabbit.bat Select the new script and create its contents on the right. Paste these lines: if not exist systemroot\infpub.dat echo ...

KB-ID 368
Category: Security
Applies to: All