Phone Get Quote
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

Windows Active Directory Auditing in Real-Time

Scroll Down
Insider Threats
Insider attacks detection is next to impossible when the adversary is an IT worker with privileged access to the systems such as Active Directory
User Logon
This user logon audit solution, helps track the users activities in the Windows Server environment like logon times, logon history, terminal services activities
GPO Settings
Monitor the Active Directory Group Policy settings changes, know every change done in any of the 6000+ settings along with the before and after values
Data Archiving
Archive data for forensic analysis 3 years, 5 years or 7 years down the line! Get historical reports and save on disk space
Meet Compliance requirements of SOX, HIPAA, GLBA, PCI-DSS, FISMA with the 200+ pre-configured audit reports
Reports & Alerts
Audit the Active Directory objects with the 200+ pre-configured reports along with instant email alerts for critical changes

User Logon

In real-time, monitor user logon activity on Domain Controllers with pre-configured audit reports and email alerts. Audit reports ensure the administrator knows the reason behind users’ logon failures, login history, terminal services activity and users’ recent logon activities across the network including Workstations & Servers. Further, the logon audit solution acts as an indispensable tool to facilitate audit of specific logon events, current and past logon activity and lists all logon related changes.

Account lockout Analyzer | User Management Actions | Track User logon Actions

  • Verify the employee attendance in a given periodic analysis / audit interval
  • View the complete history of logon of any user in the domain
  • Identify if any user is attempting a logon into machines with insufficient privileges
  • Spot users who connect to Domain Controllers or Workstations or through remote access

Audit Reports

Logon Failures, Domain Controller Logon Activity, User Logon Activity, Recent User Logon Activity, User's Last Logon, Users Logged into Multiple Computers, Workstation logon activity, Member Server Logon Activity

GPO Settings

Audit and report on the GPO changes to the Windows Active Directory in real-time; In-depth advanced tracking of the Group Policy Objects before and after values of configuration, password policy and settings changes. A single settings error can be catastrophic, causing a spurt in the unauthorized access and in the compromise of IT security. Avoid the complexities involving auditing GPOs with pre-configured change audit reports and instant email alerts, all in real-time.

GPO settings audit | GPO management audit | GPO audit reports

  • Monitor every GPO change in the probable 6000 settings
  • Know the before and after values of GPO settings
  • Automated periodic audit reports for review & Compliance
  • Real-time email alerts upon critical GPO changes

Real-Time Audit Reports

Recently Created GPOs, Recently Deleted GPOs, Recently Modified GPOs, Group Policy Settings Changes, Computer Configuration Changes, User Configuration Changes, Password Policy Changes

Attribute Changes

Real-time audit of the old and new attribute values of all Windows Active Directory Objects; Know every change to Users, Computers, Configuration, Groups, GPOs, OUs, DNS Servers and be up-to-date on unauthorized attempts and get real-time alerts and email notification for every attribute modification / permission changes. Monitor and view the AD objects values in corresponding pre-configured report, query with the numerous attributes to filter and funnel down on the precise information in a simple interface.

Active Directory old / new attribute values

  • Know Who did What, When and from Where
  • Monitor the crucial 'Extended security attributes' and 'Extended user attributes'
  • Track every access control list, attributes & permission changes
  • View the before and after of every change in real-time, to reverse the erroneous setting effect

Real-Time Audit Reports

User Extended Attribute Changes, Group Extended Attribute Changes, Computer Extended Attribute Changes, OU Extended Attribute Changes, GPO Extended Attribute Changes

Data Archiving

Processed event log data older than required can be archived and cleared from the working DB. This can be done using the 'Archive Events' option in ADAudit Plus. Set periodic event cleanup schedules to compress events data. Archiving audit data helps to maintain an optimum size for the working DB. The archived data is required for historical reporting, for forensics and Compliance requirements. The audited reports can be exported to xls, csv, pdf and excel formats.

Audit reports from archived data

  • Get historic reporting from archived data for security and forensic analysis
  • SOX, HIPAA, PCI-DSS require historical event data from a minimum of 3 years
  • Save gigabytes on disk space with archived events data
  • View reports from years of archived data


SMBs or Large organizations have to comply with industry specific Compliance Acts like SOX, HIPAA, GLBA, PCI-DSS, FISMA…. With our Compliance specific pre-configured real-time AD reports and alerts, we ensure your network is under 24/7 audit with periodic security reports and email alerts as standard procedure.

A Few Compliance Specific Reports

SOX – Recent User Logon Activity, Logon Failures, Administrative User Actions, Domain Policy Changes, User Management, Logon History, Changes on Member Server

HIPAA – All File or Folder Changes, Computer Management, OU Management, Logon Duration, Group Management, Terminal Services Activity

GLBA – Local Logon Failures, Folder Permission Changes, Folder Audit Setting Changes (SACL), Successful File Read Access, Domain Policy Changes

PCI-DSS – Logon history, Logon Failures, Successful File Read Access, Changes on Member Server, Radius Logon History (NPS)

FISMA – Administrative User Actions, Failed Attempt to Delete File, Failed Attempt to Write File, All File or Folder Changes, Computer Management

Real-Time Audit Reports & Alerts

Choose from the 200+ pre-configured audit reports with automatic periodic report generation right to your inbox. With 50+ Search Attributes, be ready to be empowered with detailed information, track Windows Active Directory object changes (Users, OU, Groups, GPO, Computer, Schema, DNS and System), all in real-time. Filter reports on business / non-business / all hours. Create custom reports, set profile based reports and also, do historical reporting from the archived data for forensics.

Real-time on-screen alerts with emailing of alerts upon unauthorized network access / modification events. User, time and volume based threshold alerts help identify the problem precisely.

All Active Directory change audit reports | Compliance audit reports

  • Automate periodic reporting with schedulable pre-configured audit reports
  • Create custom reports and email alerts with ease in a few clicks
  • SOX, HIPAA, FISMA, GLBA, PCI-DSS Compliance specific audit reports to help meet requirements
  • Export audit reports in XLS, CSV, PDF and HTML formats
Also in ADAudit Plus,

200+ ready-to-use audit reports for security, forensics & Compliance

Logon / Logoff
Monitor workstations logon & logoff to know every successful & failure logon
File Server
Audit Windows File Servers, Clusters, EMC, NetApp file and folder changes
Member Server
Track every Windows Server change with reports: Summary Report....
Logon / Logoff
  • Audit the users' Workstation logon & logoff times, logon duration
  • Users logon failures, logon history, Terminal Services & RADIUS logons
  • View pre-configured reports and set email alerts for critical accounts
Windows File Server
  • Audit File Servers, Windows Failover Cluster, NetApp Filers & EMC Servers
  • Monitor failed attempts & successful file create, modify, delete & file read
  • Files moved or renamed, copy-n-pasted, modifications & access permissions
Windows Member Server
  • Audit Member Servers, File Integrity monitoring, Printers & USB accesses
  • Monitor local logon, logoff, logon duration, logon failures & logon history
  • Track scheduled tasks, processes, folder audit & permission changes
ADAudit Plus is available in 4 Editions

Starts at $0

  • Never expires
  • 25 Workstations free
  • Reports can be generated from event log data collected during evaluation / license period

Starts at $0

  • All features of Professional Edition for 30 days
  • You can Audit
    5 Domain Controllers
    2 File Servers
    1 NetApp Filer (or)
    1 EMC File Server
    10 Member Servers
    100 Workstations

Starts at $595

  • 200+ pre-configured audit reports
  • Real-time Active Directory auditing
  • Monitor AD User, Group, Computer, OU, GPO changes
  • Audit Workstations logon / logoff
  • File create, modify, delete, access, permissions
  • Track system events, scheduled tasks
  • Printer & USB audit
  • Email alerts & Scheduled reports
  • Compliance specific reports
  • Data archiving

Starts at $945

  • All features of Standard Edition +
  • Group Policy Objects settings audit
  • Old & new value of all attribute changes of AD Objects
  • Active Directory permission change audit
  • Account lockout analyzer
  • DNS Server, Schema, Contacts & Configuration Auditing
  • Support for MS SQL Server database
  • ADAudit Plus has helped us meet certain SOX and PCI compliance requirements. Liking the automated monthly reports for SOX, ease of use, implementation and very cost effective solution.
    Jeffrey O'Donnell
    Director of IT,
    Uncle Bob’s Self Storage
  • We finalized on ManageEngine ADAudit Plus, primarily for our SOX Audit reports and I think the tool, with its easy to comprehend output is very cool and the highly competitive pricing helped grab our attention.
    Andreas Ederer
    Cosma International
  • We are an emergency healthcare provider. We see the software as good risk avoidance with some good risk management practices and help us meet HIPAA compliance. We chose ADAudit Plus, which works 24/7/365 like us.
    JT Mason
    Director of IT
    California Transplant Donor Network (CTDN)
  • We evaluated different software; ADAudit Plus is extremely easy to deploy and a cost-effective solution that helped us pass several industry related security audits, in-depth PEN audit test and meet HIPAA security guidelines.
    Renee Davis
    Life Management Center
  • We are a not for profit organization and had to satisfy HIPAA requirements, we chose ADAudit Plus which helped us to see what changes were made and who made them in our AD.
    Manager of Network Operations
  • ADAudit Plus was the simplest and most relevant from the several products we trialed to monitor user logon failures, account cleaning, to keep a check on malicious activities and meet PCI-DSS compliance.
    Bernie Camus
    IT Manager
Yes I'm Interested No, I'd rather pay more.

ADAudit Plus Trusted By

A single pane of glass for complete Active Directory Auditing and Reporting