Phone Get Quote
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

Windows Active Directory Workstations Auditing

Scroll Down
Monitor every user logon / logoff and know the day-to-day user actions with detailed reports of every successful
Meet Compliance requirements of SOX, HIPAA, GLBA, PCI-DSS, FISMA with the 200+ pre-configured change audit reports
Data Archiving
Archive data for forensic analysis 3 years, 5 years or 7 years down the line! Get historical reports and save on disk space
Reports & Alerts
Audit the Active Directory objects with the 200+ pre-configured reports along with instant email alerts for critical changes
Workstation Audit Reports
View every change audit report in the Workstation audit category with the pre-configured reports to view the users' Workstations activities


Administrators can view the exact time of users' Workstation logon and logoff time along with the logon duration. This critical data in the event of an unauthorized entry or regular monitoring is at the utmost ease to view with detailed reporting which helps prevent further wrong doing at the earliest. Reports can be scheduled for automated periodic reporting along with setting instant email alerts for critical changes.

Windows Workstation Auditing | All Workstations Audit Reports

  • Track users' Workstation Logon / Logoff
  • View pre-configured reports; automate periodic reporting with scheduled reports
  • Set email alerts for critical accounts, unauthorized access
  • Logins for IT Auditors with reports view only

Sample Reports

Currently Logged On Users, Logon Duration, Local Logon Failures, Logon History, Terminal Services Activity, Users Logon Duration on Computers, Interactive Logon Failure, Terminated Users Session


SMBs or Large organizations have to comply with industry specific Compliance Act like SOX, HIPAA, GLBA, PCI-DSS, FISMA…. With our Compliance specific pre-configured reports and alerts, we ensure your network is under 24/7 audit with periodic security reports and email alerts as standard procedure.

A Few Compliance Specific Reports

SOX – Recent User Logon Activity, Logon Failures, Administrative User Actions, Domain Policy Changes, User Management, Logon History, Changes on Member Server

HIPAA – All File or Folder Changes, Computer Management, OU Management, Logon Duration, Group Management, Terminal Services Activity

GLBA – Local Logon Failures, Folder Permission Changes, Folder Audit Setting Changes (SACL), Successful File Read Access, Domain Policy Changes

PCI-DSS – Logon history, Logon Failures, Successful File Read Access, Changes on Member Server, Radius Logon History (NPS)

FISMA – Administrative User Actions, Failed Attempt to Delete File, Failed Attempt to Write File, All File or Folder Changes, Computer Management

Data Archiving

Processed event log data older than required can be archived and cleared from the working DB. This can be done using the 'Archive Events' option in ADAudit Plus. Set periodic event cleanup schedules to compress events data. Archiving audit data helps to maintain an optimum size for the working DB. The archived data is required for historical reporting, for forensics and Compliance requirements. The audited reports can be exported to xls, csv, pdf and excel formats.

Audit reports from archived data

  • Get historic reporting from archived data for security and forensic analysis
  • SOX, HIPAA, PCI-DSS require historical event data from a minimum of 3 years
  • Save gigabytes on disk space with archived events data
  • View reports from years of archived data

Reports & Alerts

Choose from the 200+ pre-configured audit reports with automatic periodic report generation right to your inbox. With 50+ Search Attributes, be ready to be empowered with detailed information, track Windows Active Directory object changes (Users, OU, Groups, GPO, Computer, Schema, DNS and System). Filter reports on business / non-business / all hours. Create custom reports, set profile based reports and also, do historical reporting from the archived data for forensics.

Instant on-screen alerts with emailing of alerts upon unauthorized network access / modification events. User, time and volume based threshold alerts help identify the problem precisely.

All Workstations change audit reports | Compliance audit reports

  • Automate periodic reporting with schedulable pre-configured audit reports
  • Create custom reports and email alerts with ease in a few clicks
  • SOX, HIPAA, FISMA, GLBA, PCI-DSS Compliance specific audit reports to help meet requirements
  • Export audit reports in XLS, CSV, PDF and HTML formats

Workstation Audit Reports

Shown here are the Workstation audit reports to give you a view into the details displayed and the various filters you can apply to further pin-point information.

Currently Logged On Users

Logon Duration

Local Logon Failures

Logon History

Terminal Services Activity

Users Logon Duration on Computers

Interactive Logon Failure

Terminated Users Session


Also in ADAudit Plus,

200+ ready-to-use audit reports for security, forensics & Compliance

Active Directory
Track Domain change events like User, Group, Computer, GPO, OU
File Server
Audit Windows File Servers, Clusters, EMC, NetApp file and folder changes
Member Server
Track every Windows Server change with reports: Summary Report....
Active Directory Auditing
  • Monitor users & administrators Domain Controller logon activity
  • Audit changes to Users, Groups, Computers, OUs, GPOs, DNS, AD Schema
  • Before & after values of GPO settings & AD objects attributes
Windows File Server
  • Audit File Servers, Windows Failover Cluster, NetApp Filers & EMC Servers
  • Monitor failed attempts & successful file create, modify, delete & file read
  • Files moved or renamed, copy-n-pasted, modifications & access permissions
Windows Member Server
  • Audit Member Servers, File Integrity monitoring, Printers & USB accesses
  • Monitor local logon, logoff, logon duration, logon failures & logon history
  • Track scheduled tasks, processes, folder audit & permission changes
ADAudit Plus is available in 4 Editions

Starts at $0

  • Never expires
  • 25 Workstations free
  • Reports can be generated from event log data collected during evaluation / license period

Starts at $0

  • All features of Professional Edition for 30 days
  • You can Audit
    5 Domain Controllers
    2 File Servers
    1 NetApp Filer (or)
    1 EMC File Server
    10 Member Servers
    100 Workstations

Starts at $595

  • 200+ pre-configured audit reports
  • AD logon activity monitoring
  • Monitor AD User, Group, Computer, OU, GPO changes
  • Audit Workstations logon / logoff
  • File create, modify, delete, access, permissions
  • Track system events, scheduled tasks
  • Printer & USB audit
  • Email alerts & Scheduled reports
  • Compliance reports
  • Data archiving

Starts at $945

  • All features of Standard Edition +
  • Group Policy Objects settings audit
  • Old & new value of all attribute changes of AD Objects
  • Active Directory permission change audit
  • Account lockout analyzer
  • DNS Server, Schema, Contacts & Configuration Auditing
  • Support for MS SQL Server database
  • ADAudit Plus has helped us meet certain SOX and PCI compliance requirements. Liking the automated monthly reports for SOX, ease of use, implementation and very cost effective solution.
    Jeffrey O'Donnell
    Director of IT,
    Uncle Bob’s Self Storage
  • We finalized on ManageEngine ADAudit Plus, primarily for our SOX Audit reports and I think the tool, with its easy to comprehend output is very cool and the highly competitive pricing helped grab our attention.
    Andreas Ederer
    Cosma International
  • We are an emergency healthcare provider. We see the software as good risk avoidance with some good risk management practices and help us meet HIPAA compliance. We chose ADAudit Plus, which works 24/7/365 like us.
    JT Mason
    Director of IT
    California Transplant Donor Network (CTDN)
  • We evaluated different software; ADAudit Plus is extremely easy to deploy and a cost-effective solution that helped us pass several industry related security audits, in-depth PEN audit test and meet HIPAA security guidelines.
    Renee Davis
    Life Management Center
  • We are a not for profit organization and had to satisfy HIPAA requirements, we chose ADAudit Plus which helped us to see what changes were made and who made them in our AD.
    Manager of Network Operations
  • ADAudit Plus was the simplest and most relevant from the several products we trialed to monitor user logon failures, account cleaning, to keep a check on malicious activities and meet PCI-DSS compliance.
    Bernie Camus
    IT Manager
Yes I'm Interested No, I'd rather pay more.

ADAudit Plus Trusted By