Net Report Configuration Guide for WMI on Windows 2000 & XP
Table of Contents

About This Document
Purpose
Technical Specifications
Task 1: Configuring Audit Policy in the Microsoft Local Security Policy Console
Task 2: Configuring Audit Object Access for Files & Directories in Microsoft Explorer
Task 3: Configuring Microsoft Event Viewer Application, Security and System Logs
Contacting Net Report
About This Document

Purpose

This Net Report Configuration Guide for Net Report WMI for Windows logs, for Net Report versions 3.12 and later, explains how to configure Microsoft Windows Management Instrumentation (WMI) for Net Report on computers running Windows 2000 and XP.

Note: Net Report processes the Microsoft Windows Event Viewer Application, Security and System logs. This document therefore includes instructions on how to configure the Microsoft Event Viewer logs and the Microsoft Local Security Policy console for Net Report, along with guidelines on how to configure Net Report for Microsoft WMI.

Scope

This document explains how to install and configure Net Report for WMI (Microsoft Windows Management Instrumentation, Event Viewer Application, Security and System logs). The document is divided as follows:

- Task 1: Configuring the Audit Policy in the Microsoft Local Security Policy Console.
- Task 2: Configuring the Audit Object Access for Sensitive Files/Directories via Microsoft Explorer.
- Task 3: Configuring Application, Security and System Logs via Microsoft Event Viewer.

Related Information

Please read the following documents, which are related to Net Report's technical documentation:

- Copyright Notice: /downloads/webdoc/copyright/net_report_copyright_notice.pdf
- Code and Icon Conventions: /downloads/webdoc/conventions/net_report_code_and_icon_conventions.pdf
- Online Help: /us/support/sup_userhelp.html
- Troubleshooting: /us/ourdocuments/nrfaqs.htm
- Glossary: /knowledgebase/userhelp/16_net_report_glossary/net_report_glossary_2.0.1.htm

Net Report and Microsoft WMI - Specific Information

This document applies to Microsoft Event Viewer Application, Security and System logs for Windows 2000 and XP.
Technical Specifications

The guidelines given in this document are applicable to the Microsoft Event Viewer, Microsoft Local Security Policy Console and Net Report 3.12 and greater. The Microsoft Event Viewer and Local Security Policy Consoles are browser-based configuration tools designed to help you set up, configure and monitor your Enterprise's Applications, Security and Systems easily.

Audience

This document addresses both basic and advanced Net Report users. This Guide is also written for System Administrators who are responsible for maintaining network security. It assumes you have a basic understanding and a working knowledge of:

- Microsoft Windows Management Instrumentation.
- System Administration.
- Unix or Windows Operating Systems.
- Windows GUI.
- Internet protocols (IP, TCP, UDP and so on).
Task 1: Configuring Audit Policy in the Microsoft Local Security Policy Console

Please note that this section is optional: configure the auditing policy that you require and that is appropriate for your Enterprise configuration. (Please note that the dashboard you generate will contain No Data Available for each Policy that you have not configured.) Please configure your Enterprise computers so that they log the information that WMI for Net Report needs to process the log data correctly.

This section explains how to define the Audit Policy for Net Report WMI Dashboards on each computer that you wish to monitor, that is, each computer you specified in the Net Report Management Console Microsoft WMI Agent Domain List of Computers. To do so, please follow the steps below.

Steps

1. Select Start> Control Panel> Administrative Tools> Local Security Policy. The Microsoft Local Security Policy console appears.
2. Select Security Settings> Local Policies> Audit Policy in the left Security Settings pane.
3. Double-click on each of the following Policies in the central Policy pane to enable Success and Failure auditing for each policy:
   a. Audit account logon events
   b. Audit account management
   c. Audit directory service access
   d. Audit logon events
   e. Audit object access
   f. Audit policy change
   g. Audit privilege use
   h. Audit process tracking
   i. Audit system events
4. Select the Success and Failure check boxes in the Local Security Setting tab.
5. Click OK.
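One way to check the result of Task 1 on many computers, as an added example that is not part of the Net Report guide: the Python code below reads the [Event Audit] section of a policy file exported with `secedit /export /cfg <file>` and lists every policy from step 3 that is not set to Success and Failure. The sample export is constructed, and the mapping of template key names to the policy names is taken from the Windows security template format, not from this guide.

```python
import codecs

# [Event Audit] keys of the security template -> policy names from step 3.
POLICIES = {
    "AuditAccountLogon": "Audit account logon events",
    "AuditAccountManage": "Audit account management",
    "AuditDSAccess": "Audit directory service access",
    "AuditLogonEvents": "Audit logon events",
    "AuditObjectAccess": "Audit object access",
    "AuditPolicyChange": "Audit policy change",
    "AuditPrivilegeUse": "Audit privilege use",
    "AuditProcessTracking": "Audit process tracking",
    "AuditSystemEvents": "Audit system events",
}
LEVELS = {0: "No auditing", 1: "Success", 2: "Failure", 3: "Success, Failure"}

def decode_export(raw: bytes) -> str:
    # secedit normally writes UTF-16 with a BOM; fall back to ANSI text.
    if raw.startswith((codecs.BOM_UTF16_LE, codecs.BOM_UTF16_BE)):
        return raw.decode("utf-16")
    return raw.decode("cp1252")

def audit_gaps(raw: bytes) -> dict:
    """Return {policy name: current level} for every policy not at level 3."""
    found, section = {}, None
    for line in map(str.strip, decode_export(raw).splitlines()):
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Event Audit" and "=" in line:
            key, _, value = line.partition("=")
            if value.strip().isdigit():
                found[key.strip()] = int(value)
    # A key missing from the export is treated as "No auditing".
    return {name: LEVELS.get(found.get(key, 0), "unknown")
            for key, name in POLICIES.items() if found.get(key, 0) != 3}

# Constructed sample export (not from a real host): two policies fall short.
SAMPLE = ("[Unicode]\r\nUnicode=yes\r\n[Event Audit]\r\n"
          "AuditSystemEvents = 3\r\nAuditLogonEvents = 3\r\n"
          "AuditObjectAccess = 1\r\nAuditPrivilegeUse = 3\r\n"
          "AuditPolicyChange = 3\r\nAuditAccountManage = 3\r\n"
          "AuditProcessTracking = 0\r\nAuditDSAccess = 3\r\n"
          "AuditAccountLogon = 3\r\n[Version]\r\nRevision=1\r\n").encode("utf-16")

if __name__ == "__main__":
    for name, level in audit_gaps(SAMPLE).items():
        print(f"{name}: {level} (expected: Success, Failure)")
```

An empty result means all nine policies are set as step 4 requires; any entry returned corresponds to a dashboard that would show No Data Available or partial data.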
Task 2: Configuring Audit Object Access for Files & Directories in Microsoft Explorer

Warning: please limit the number of files and directories you audit with the Audit Object Access policy, since auditing many objects can lead to performance problems.

Please note that this section is optional: configure the Audit Object Access that you require and that is appropriate for your Enterprise configuration. (Please note that the dashboard you generate will contain No Data Available for each Policy that you have not configured.)

To audit access to specific files and directories that may be sensitive for your organization, you must perform the following two steps:

- Enable the Audit Policy.
  o Select the Audit Object Access Policy in the Local Security Settings.
  o Select the Success and Failure check boxes (please see task 4 for details).
- Enable auditing on the individual files and directories you wish to audit.
  o This section explains how to enable auditing on those files and directories that you want to monitor.
Steps

1. Open Microsoft Explorer and browse to locate the file you want to audit.
2. Right-click on the file you want to audit. The context menu appears.
3. Select Properties. The [FileName] Properties dialog box appears.
4. Select the Security tab.
5. Click Advanced. The Advanced Security Settings for [FileName] dialog box appears.
6. Select the Auditing tab.
7. Click Add. The Select User or Group dialog box appears.
8. Type Everyone in the Enter the object name to select field.
9. Click Check Names. Everyone will be underlined.
10. Click OK. The Auditing Entry for [FileName] dialog box appears.
11. Select the Access you wish to Audit and then click OK.
12. Verify that auditing is working on your specified file (in this case explorer.exe): select Start> Run and then type the file name specified. You should see an Object Access event in the Event Viewer.

Note: if you have Microsoft Active Directory set up, you can also use Group Policy to automatically set up auditing on all the machines in your Enterprise.
Task 3: Configuring Microsoft Event Viewer Application, Security and System Logs

Steps

1. Select Start> Control Panel> Administrative Tools> Event Viewer. The Microsoft Event Viewer console appears.
2. Note the three Event Viewer logs which Net Report monitors: the Application, Security and System logs.
3. Follow the same procedure for each Event Viewer log, that is for the:
   a. Application log
   b. Security log
   c. System log
   This section uses the Application log as an example; you must repeat the same procedure for the Security and System logs as well.
4. Right-click on the Event Viewer log you want to configure; in this example, right-click on the Application log. The context menu appears.
5. Select Properties in the Event Viewer> [LogName] context menu. The [LogName] Properties dialog box appears.
6. Increase the value in the Maximum log size field (if necessary) by using the combo box.
7. Select the Overwrite events as needed option button.
   Note: if an Event Viewer log is full, the WMI agent will not receive any more log data. Therefore, please ensure that either the Overwrite events as needed option button is selected, or that you have specified an appropriate number of days of events to keep before they are overwritten.
8. Consider creating a scheduled task to either export or save your Event Viewer logs on a regular basis, e.g. every two days (for International Regulatory purposes, for example).
9. Select the Filter tab. Ensure that the following five check boxes are selected in the Event types zone:
   a. Information
   b. Warning
   c. Error
   d. Success audit
   e. Failure audit
10. Click OK.

Note: please download the Net Report WMI Dashboard Presentation for information on how to get the most out of our WMI for Windows Event Viewer Application, Security and System Logs Dashboards.
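The settings from steps 6 and 7 are stored per log as the MaxSize and Retention values under the Eventlog service key in the registry, so they can be reviewed without opening each Properties dialog. The Python code below is an added example, not part of the Net Report guide: it parses `reg query` output for the three logs and flags a log that never overwrites (and so stops recording when full, the case the note in step 7 warns about). The sample output is constructed and the `min_kb` size threshold is an assumed site value, not a Net Report requirement.

```python
import re

NEVER = 0xFFFFFFFF  # Retention value meaning "Do not overwrite events"
KEY_RE = re.compile(r"\\Services\\Eventlog\\(\w+)\s*$", re.IGNORECASE)
VAL_RE = re.compile(r"^\s*(MaxSize|Retention)\s+REG_DWORD\s+(0x[0-9a-fA-F]+)")

def parse_reg_query(text):
    """Map log name -> {'MaxSize': bytes, 'Retention': seconds} from reg output."""
    logs, current = {}, None
    for line in text.splitlines():
        key = KEY_RE.search(line)
        if key:
            current = logs.setdefault(key.group(1), {})
        elif current is not None and (m := VAL_RE.match(line)):
            current[m.group(1)] = int(m.group(2), 16)
    return logs

def review(logs, min_kb=16384):  # min_kb is an assumed site threshold
    """Return findings for the three logs the guide says Net Report monitors."""
    findings = []
    for name in ("Application", "Security", "System"):
        cfg = logs.get(name)
        if not cfg or "Retention" not in cfg:
            findings.append(f"{name}: settings not found")
            continue
        if cfg["Retention"] == NEVER:
            findings.append(f"{name}: never overwrites, logging stops when full")
        elif cfg["Retention"]:  # non-zero: overwrite events older than N days
            days = cfg["Retention"] // 86400
            findings.append(f"{name}: overwrites after {days} days, may fill sooner")
        if cfg.get("MaxSize", 0) < min_kb * 1024:
            findings.append(f"{name}: MaxSize below {min_kb} KB")
    return findings

# Constructed sample of `reg query` output for the three Eventlog keys.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application
    MaxSize     REG_DWORD    0x1000000
    Retention   REG_DWORD    0x0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security
    MaxSize     REG_DWORD    0x80000
    Retention   REG_DWORD    0xffffffff
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System
    MaxSize     REG_DWORD    0x1000000
    Retention   REG_DWORD    0x93a80
"""

if __name__ == "__main__":
    print("\n".join(review(parse_reg_query(SAMPLE))))
```

A Retention value of 0 corresponds to Overwrite events as needed and produces no finding.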
Contacting Net Report

For Technical Support, please contact us:

- By e-mail at: support@netreport.fr
- By Telephone on: +33 (0)46 784 4800
- By Fax on: +33 (0)46 784 4811
- By post at: Net Report Headquarters, 130 rue Baptistou, ZAE Nord, 34980 Saint Gély du Fesc, FRANCE

For Sales Enquiries, please contact us:

- By e-mail at: sales@netreport.fr
- By Telephone on: +33 (0)1 46 84 15 66
- By post at: Net Report Sales Offices, Allasso France, Immeuble Europe Avenue, 3ème et 4 ème étage (Reception), 62 Bis av André Morizet, 92 643 Boulogne-Billancourt Cedex, FRANCE