ADAudit Plus facilitates an easy to understand alerting mechanism to alert on any configured change event. The alerts are based on the event data obtained from a configured Report Profile.
in ADAudit Plus
Alerts in ADAudit Plus enables real time monitoring of a change in the Active Directory. An alert will include the following information,
This is the Domain Controller from which
This provides the Domain Information.
Severity indicates the degree of importance
associated with an event. ADAudit Plus provides 3 different alert notifications
The degree of importance or the Severity
to be associated with an event is decided and configured by an administrator
while configuring Alert Profiles.
Details of the generated alert provided
in a easy-to-understand format.
Example: Login failure for User 'Administrator'
in '192.168.117.56'. Reason: 'Bad password'
This is the time when the Alert was generated.
/ Create Alert Profiles:
ADAudit Plus facilitates an administrator
to create customized Alert Profiles by associating them to a Report Profile
of choice. To configure / create an
alert profile click
ADAudit Plus allows an administrator to
manage his alerts by clearing or deleting them with the Clear / Delete alerts options.
- Click on the "Alerts"
Tab (This displays alerts in the configured Domain Controllers )
- Select "Active Alerts"
from the Drop down (This displays only the Active Alerts in the Configured
- Select the Alerts to
be cleared by providing a check against the respective Alerts.
- Click on 'Clear' (This will clear the selected alerts)
- Only real time alerts which are unattended/uncleared are visible under the "Active Alerts" Table.
- Once an alert is attended it can be cleared.
- Cleared alerts will be visible under the "All Alerts" Table.
- Click on the "Alerts" Tab (This displays alerts under the configured the Domain Controllers)
- Select "Active Alerts" from the Drop down (This displays only the Active Alerts in the Configured Domain Controllers)
- Select the Alerts to be cleared by providing a check against the box provided against them.
- Click on 'Delete' (This will delete the selected alerts)
Clearing or Deleting
of Alerts is possible for both "Active
Alert" or "All Alert" options selected from the drop down.
An Alert once deleted
will not be visible under any of the Alert Tables.
Cleared alerts along
with real time alerts will be visible under the "All Alerts"
Based Alerts" or "Alert Profile Based Alerts" can be viewed
and managed by selecting respective Alert Tables.
An important part of an alert is its ability to notify users. Alerts
configured in ADAudit Plus can be notified to one or more recipients by
To configure an email alert from the "Alert" Tab
- Click on the "Email Notification" Link to the top right of the page.
- This will redirect to the "Configuration" Tab showing all "Available alert profiles".
- Click on the "Configure" link under the column "E-mail Notify".
- This will redirect to the page where you can "Modify Alert Profiles"
- Under "Modify Alert Profile" provide a check against "Send E-mail Notification".
- Enter the "Mail To" address in the check box provided. (For multiple recipients,separate email addresses with commas.)
- Click on "Update".
This will update the "Alert Profile" for the "Selected
Report Profile". Any new alert will be notified by email to one or
all email addresses entered here. This is also discussed under the Alert
Profiles Configuration Section.
The "Mail To" Box will be open for entry only if a Mail Server
is configured. To configure mail Server click on the "Configure Mail
Executing a customized response to a triggered alert
Determine your response to a triggered alert and write a suitable script to execute the response. The supported scripts are PowerShell (.ps1) and batch (.bat).
To be entered in the Script Location field:
Syntax: filename "parameter 1" "parameter 2" "parameter n"
Here, filename is the name of the script file in alert_scripts folder.
parameter n is a ADAudit Plus event variable.
Test.bat "%USERNAME%" "%CLIENT_HOST_NAME%"
- The script file should be located in <Installation_directory>\alert_scripts folder.
- The file name should not contain spaces.
- Custom parameters cannot be used, only preconfigured variables for the selected report profiles can be used. Preconfigured variables can be added using the Add link.
Copyright © 2022, ZOHO Corp
. All Rights Reserved.