Support

Phone Get Quote

Support

US: +1 888 720 9500

US: +1 888 791 1189

Intl: +1 925 924 9500

Aus: +1 800 631 268

UK: 0800 028 6590

CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

Quick start

Architecture

Architecture

Active Directory

Active Directory auditing

Overview
Configure AD domains and DCs
- Automatic configuration
- Manual configuration
Configure audit policies
- Automatic configuration
- Manual configuration
Configure object level auditing
- Automatic configuration
- Manual configuration
Configure event log settings
Troubleshooting

ADFS auditing

Overview
Configure AD FS servers in ADAudit Plus
Configure audit policies
- Automatic configuration
- Manual configuration
Configure AD FS servers for auditing
Troubleshooting

Group policy object auditing

Overview
Configure domain controllers
Configure the audit policies
- Automatic process
- Manual process
Configure object level auditing
- Automatic process
- Manual process
Configure event log settings
Install Group Policy Management Console

Azure AD configuration

Overview
Feature comparison: Azure App vs. M365
Configuring Azure AD in ADAudit Plus
- Using an Azure AD Premium license
- Using a Microsoft 365 license
Reporting capabilities of ADAudit Plus
- ADAudit Plus vs. Azure portal
- ADAudit Plus vs. PowerShell cmdlets
Event categories tracked
Log retention settings in Azure AD
Troubleshooting

Azure AD DS auditing

AD CS auditing

Windows Server

Windows server auditing

Overview
Configure Windows servers
- Using product console
- Using command line arguments
Configure audit policies
- Automatically
- Manually
Configure event log settings
Troubleshooting

Removable storage auditing

File integrity monitoring

Overview
Configure FIM in ADAudit Plus
Configure audit policies
- Automatic configuration
- Manual configuration
Configure object-level auditing
Exclude configuration
Configuring event log settings

PowerShell auditing guide

Overview
Configure PowerShell in ADAudit Plus
Configure audit policies
- Automatic configuration
- Manual configuration
Configure event log settings
Troubleshooting

User session recording

Overview and steps

File Server

Windows file server auditing

Overview
Supported systems
Configure Windows file servers
- One server at a time
- In bulk
Configure audit policies
- Automatic configuration
- Manual configuration
Configure object-level auditing
- Automatic configuration
- Manual configuration
Configure security log size and retention settings
Exclude configuration
File Analysis
Troubleshooting

EMC server auditing

Overview
Privileges required
Adding EMC servers
Configure audit policies
Configure event log settings
Configure object-level auditing
- Automatic configuration
- Manual configuration
Exclusion configuration
Troubleshooting

EMC Isilon auditing

Synology auditing

Huawei OceanStor Auditing

Overview
Huawei OceanStor V5 series
Huawei OceanStor 9000 V5
Huawei OceanStor Dorado All-Flash Storage and OceanStor Hybrid Flash Storage
Adding devices in ADAudit Plus
Exclude configuration
Troubleshooting

NetApp filer auditing

Overview
Adding NetApp 7Mode/vFiler CIFS server
Configure audit policies
- Automatic configuration
- Manual configuration
Configure object-level auditing
- Automatic configuration
- Manual configuration
Exclude Configuration
Troubleshooting

NetApp cluster auditing

Hitachi NAS auditing

Amazon FSx auditing guide

QNAP NAS Auditing Guide

Windows workstation auditing

Overview
Configure windows workstations
- Using product console
- Using command line arguments
Configure audit policies
- Automatic Process
- Manual Process
Configure event log settings
Troubleshooting

Event collection troubleshooting

Overview
Errors and solutions

Migration

Security

Security specifications

Security hardening

Security hardening

Product configuation

Service account configuration

SSL configuration

Security log settings

Security Log Settings

Agent configuration

Overview
Installation prerequisites
Agent installation
- Install agent via ADAudit Plus' UI
- Install agent manually
Agent security settings
Agent configuration sync
Upgrade the agent
Agent uninstallation
Troubleshooting
Errors and solutions

Single sign-on

NTLM authentication
SAML authentication

Ports

Product and System Ports

2FA configuration

Virtual IP address settings

Virtual IP address settings

High availability configuration

Email and SMS server configuration

Overview
Configure the email server
- Using SMTP
- Using an API
Configure the SMS server
Troubleshooting

Automatic configuration

Add/Remove devices and shares

ServiceNow Integration

Overview and steps

Enabling auditing

Follow the steps below to configure auditing in your target OceanStor 9000 V5 storage devices.

To view the ACL values before and after permission change and owner change events, log on to the ADAudit Plus web console, go to Admin > Configuration > Alert/Report Settings, and enable Show detailed permission changes for NAS devices.
Ensure that the OceanStor storage device's name resolves to an IP that serves as the management IP.
Ensure that a logical port—that is not dedicated to a vStore—is set up for accessing the REST API.

Enabling auditing

Open OceanStor DeviceManager and enable auditing under Settings > Storage Settings > Directory Log Settings > File Directory Operation Log. Select the events you wish to audit.

Enabling auditing

Set the audit log location and purge settings. Set the logs to purge after reaching 20GB.

Enabling auditing

To filter out event noise and reduce the time it takes to generate logs, disable logon and logoff events in OceanStor 9000 V5 by executing the commands below via SSH:

(For vStores only)

CLI command admin:/>change vstore view name=vStore004

CLI command admin:/>change service cifs logon_audit_disable=yes

ADAudit Plus Trusted By