Monitoring event logs is essential to get a complete picture of your organization's IT environment. Event logs provide a wealth of information about file access changes, administrative events, logon activity and so on. Tracking and recording critical events that occur within an organization's network is necessary to satisfy security reviews and IT compliance requirements.
The following is a comparison between the procedures of monitoring event logs using Windows PowerShell and ADAudit Plus:
The following cmdlet gets events from the Security log on the local computer and saves them in .html format. Get-EventLog requires a log name (-LogName) and has no report parameters of its own, so its output is piped to ConvertTo-Html and written to a file with Out-File. Replace the path with the location where the report needs to be saved.
Get-EventLog -LogName Security | ConvertTo-Html | Out-File -FilePath 'C:\EventLogReports\Report1.html'
To fetch event logs from a remote computer, specify the computer name.
Get-EventLog -LogName Security -ComputerName '<name of desired computer>' | ConvertTo-Html | Out-File -FilePath 'C:\remoteLogReports\Report1.html'
To save the reports in XML format, replace ConvertTo-Html with ConvertTo-Xml -As String in the above cmdlets.
The script can be altered to generate reports with other parameters such as -Before and -After (to get events before and after a specific date and time, respectively), -EntryType (to return logs based on event status: warning, error, information, audit success or audit failure) and so on.
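A parameterized version of the report described above, as an added example rather than code from the original page: it combines -After, -Before and -EntryType, queries one or more computers, and writes a per-event-ID summary plus the detail table to a single HTML file. The function name New-EventLogReport, its defaults and the sample path are assumptions made for illustration.

```powershell
# Added example, not from the original page. Requires Windows PowerShell 5.1
# (Get-EventLog is not available in PowerShell 7); reading the Security log
# needs an elevated session. New-EventLogReport is a hypothetical helper name.
function New-EventLogReport {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [string]   $LogName      = 'Security',
        [string[]] $ComputerName = @($env:COMPUTERNAME),
        [datetime] $After        = (Get-Date).AddDays(-1),
        [datetime] $Before       = (Get-Date),
        [string[]] $EntryType    = @('FailureAudit')
    )

    $query = @{ LogName = $LogName; After = $After; Before = $Before
                EntryType = $EntryType; ErrorAction = 'Stop' }

    # Query each computer separately so an unreachable host or an empty
    # result shows up as a warning instead of silently shrinking the report.
    $events = @(foreach ($computer in $ComputerName) {
        try {
            Get-EventLog @query -ComputerName $computer
        } catch {
            Write-Warning "${computer}: $($_.Exception.Message)"
        }
    })

    # Summary table: number of matching events per event ID.
    $summary = $events | Group-Object -Property EventID |
        Sort-Object -Property Count -Descending |
        Select-Object -Property @{ Name = 'EventID'; Expression = { $_.Name } }, Count |
        ConvertTo-Html -Fragment -PreContent '<h2>Events by ID</h2>'

    # Detail table, newest first, written as one HTML document.
    $title = "$LogName log: $($EntryType -join ', ') from $After to $Before"
    $events | Sort-Object -Property TimeGenerated -Descending |
        Select-Object -Property MachineName, TimeGenerated, EntryType, EventID, Source, Message |
        ConvertTo-Html -Title $title -PreContent (@("<h1>$title</h1>") + $summary) |
        Out-File -FilePath $Path -Encoding utf8

    # Return the count so a scheduled job can log or alert on it.
    return $events.Count
}

# Constructed usage: failed audit events from the last 7 days on the local computer.
# New-EventLogReport -Path 'C:\EventLogReports\FailureAudits.html' -After (Get-Date).AddDays(-7)
```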
To view the reports under different categories, navigate to the Reports tab in the ADAudit Plus console.
ADAudit Plus also allows users to generate custom reports.
Navigate to Analytics -> Custom Reports to build custom reports.
The self-explanatory UI allows users to select parameters to be monitored and included in the report.
The report created by the user can be accessed by clicking on the View Custom Reports button. The report can also be exported in any of the preferred formats (PDF, XLS, HTML and CSV) by selecting the 'Export As' option.
The following are the limitations of obtaining reports from the event log using native tools like Windows PowerShell:
ADAudit Plus will automatically scan all DCs in the domain to retrieve data from the event log, generate the report and present it in a simple and intuitively designed UI.