ADAudit and Netapp ONTAPI (ZAPI) EOL.
NetApp are in the process of phasing out their old ONTAPI (ZAPI). ONTAP 9.13.1 software will be the final version to offer normal support of ONTAPI. ONTAPI access re-enablement will not be supported on ONTAP 9.18.1 As ADAudit uses ZAPI (We do need to
Nasuni NAS
I saw another post about Nasuni being on the roadmap for 2022. Just was wondering if that was still in the works. Nasuni is our primary NAS and would love to add it to ADAudit.
GUI for SSL management
Hello ADAP Team. I am ZOHO customer many years and during this time I viewed that many yours product obtain normal GUI for SSL management (like EC, OpManager, ADManager) but ADAP still living without it ( Why? When ADAP also will be with normal SSL management
Widgets from ADAP
Hi ALL We use SDP and there are some Widgets form OpManager. We want include some data from ADAP too but it don't has any widgets options ( Our Helpdesk Team needs Widgets like: Recently Locked Out Users, Recently Disabled Users and other reports Could
Customizing summary reports
Hi. As the title says - is it possible to customize the daily summary report been sent by mail? We're looking to change the font sizes, adding links to the appropriate reports in the system, even splitting to multiple reports incase of multiple domains. Thanks in advance Shlomi
Schedule Backup database
Hi In some ManageEngine products, database backup can be performed automatically by setting a schedule for that. Is this feature going to be added to ADAudit Plus soon? Regards Rochdi
Multiple Schedules on Reports
I had a single report that I had to clone 10 times because I wanted it to run at different times. Attaching multiple schedules to same report would be great!
ADAudit export reports operation is not workng correctly
Hi!, my customer is using ADAudit and alll graph reports are not working at the time of export. The graphs are not exported, just a table format report. Is there a way to change this behaviour???
Multi-factor Authentication for ADAudit?
What's the plan for bringing MFA to ADAudit ala the same module and setup that is used in EventLog Analyzer? MFA is becoming standard practice and this is something the application can really benefit from.
Stop auto-running the reports when selecting it from the menu.
Turn off automatic running of a report when you select it from the menu. Too much time is being spent on unnecessary db calls when a user is going into a report and it auto-launches as soon as you go into it. Let the user perform the criteria and then be presented to a "Run Report" button.
Auto add Member servers
Is there a way to script the auto add of new member servers into AD Audit? Doing this manually is a waste time. Thanks!
Feature request: Alert for a same source user
Currently, when we configure an alert in ADAP, we have the option to configure 'Threshold based alerts'. That way we can set a number of events within a given time period so that the alert is triggered. It would be useful if you had the option 'from the same source user'. In this way, we could generate an alert if the same user made changes to several files in a short period of time, for example (in this way we would even know if it was a ransomware attack).
AD Audit File audit - EMC Isilon support
Hi, I noticed that there is suport for vnx,vnxe and Celera - do you plan for suport for EMC Isilon ? Maybe it's already supported ? Regards Bogdan Sobczak
Server 2016 compatability
Has manage engine begun testing AD Audit Plus with Server 2016 preview builds? We are curious to know if it will be compatible out of the box.
Custom report wildcard support needed
The Custom Reports are a step in the right direction. However, support of wildcards is needed. For example, if I want to create a report that shows me all Remote Interactive logons but I want to create a filter that says not to include account names that begin with a certain string, currently I can't do this -- all accounts to be excluded have to be selected using checkboxes and new accounts matching my criteria are not added to the filter. When will this functionality be included?
Reduce number emails for some alerts (or more intelligent alerting)
I have configured an email alert for Security Group Modified, which sends an email when a user is added or removed from a group. However, if I add 20 users, I get 20 email alerts. Can we get an more intelligent email alert that combines these into one? For example, "Security Group Modified - 20 accounts added"? Also, when a user account is created, it gives me separate alerts for User Enabled, User Created, User Renamed for that single action of creating a user account.Can you add alerting rules,
Adding Linux Servers that use AD for Authentication?
Is there a way to monitor Linux servers that use AD for authentication to help with tracing user lockout issues?
Send Emails with High Priority Status?
We'd love it if we could have alert emails sent with "High Importance" status. We typically set our mobile devices to only notify us of "high importance" flagged emails, and some alert emails would fall into that category for us. Thanks.
Ad Audit File audit - EMC Unity support
EMC Unity is not listed on supported platform page. Does is use same auditing framework as EMC VNX ? Is Unity on your roadmap ?
Granular Exclusions for File Auditing
It seems like you can exclude an account from having it's file auditing events collected but ideally, you would be able to exude certain events from being collected on a per account basis. For example, I have a product that collects detailed file statistics from my large file server. At times, it needs to trawl shares and this generates a huge amount of read operations. I'd like to exclude these read events from being collected but collect any file deletions it might make or other changes.
ADAudit Plus options
We are currently licensed for a certain number of DC's but I wanted to ask if the ADAudit plus tool will audit Disk space on DC's and member servers? I realize those are member server licenses that we would need to purchase but just wanted to ask. Thanks, Matt
Include 'Pre-Windows 2000 Name' attribute in reports
Hi guys, please consider including the 'pre-windows 2000 name' in reports and data collection. This would be very useful to us in our reports.
Ability to Copy Report Profiles
Please add the ability to copy report profiles
Ability to Copy Alert Profiles
Please add the ability to copy alert profiles
Exclude Service Account from specific IP or Computer
I think it's great that I can exclude known Service Accounts as they generally log a lot of unnecessary information. Would it be possible or good idea to have a feature where you can exclude a service account only from a specific IP address or computer? This way you can see if the account is being used outside of what system it was intended for.
Real-Time Export of Alert Data to 3rd Party
Is there (or are there plans) to allow Real-Time export of ADAudit Plus data/alerts to an external source? Our Security group is requiring all areas (Server, Network, Storage) to feed up information from their respective tools to their platform (Splunk). Log360 is not an option for us -- this is a mandate from our Security group to feed into their existing tool (Splunk).
Ability to Copy Rule Groups in Custom Audit Actions
Recently doing a lot of work with custom audit actions. Would be nice if one could copy and existing rule group and past within the same audit action. For example, On one custom audit actions i needed to it take into account the file name involved. That meant re-creating the same rule group 25 times within the same audit action and then adding an additional filter in each rule group for the file name. very tedious. Of course, if the rulr group logic could simply have been changed to AND ..... :)
Ability to change rule group Logic to AND in Custom Audit Actions
For example, on one custom audit action I needed to it take into account the file name involved. That meant re-creating the same rule group 25 times within the same audit action and then adding an additional filter in each rule group for the file name. this is because in the absence of advanced correlations, the rule group logic is always OR . Very tedious. Of course, if the rule group logic could simply have been changed to AND I could have simply created 1 additional rule group, set the rule groups
Filters Based on Account Exclusion rather Than Inclusion
All the filters on report/alert profiles for file auditing (and other actions) are based on the inclusion of user names i.e. if username X accesses this file alert me. You can also include groups. However, often, especially with file auditing we wish to alert if any user except X access a file. Currently, do to this one must duplicate all file auditing actions and filter against the username you wish to exclude which is very cumbersome.
Custom reports with Filter
The Custom Reports are a small step in the right direction, but we need a way to filter the results. For example, if we want a logon report for users, we can create a report that uses the Local Logon check boxes, but doesn't appear to be a way to filter this to specific users. So we end up with pages and pages and pages of logons, when some if not all of them may not even be what we want. When will this functionality be included?
Product Roadmap
It would be nice if there were some community visible road map or the product so we could see what was planned for the next release and future releases. A kind of 'what we are working on blog'
search by username instead of full name
Would be nice to do a logon history report on a user, and be able to type in the username instead of the full name of the user when selecting the account to search for.
Collect Logon Audit from NetApp Filers
The ability to collect CIFS logon audit events from NetApp filers if this setting is enabled on the filers: cifs.audit.logon_events.enable
Exclude arbitrary username
The product allows you to exclude domain accounts from collection i.e. events with that account name in it will not be collected and aggregated into reports. What would be great though is that if the product could also excluded non-domain accounts. non-domain account generate 'Unknown username' event son the domain. one such example we face is highlighted here: https://support.microsoft.com/en-us/kb/2591305 we get thousands of these daily due to the way the Exchange 2010 MP works. Would be nice to
Ability to copy custom reports
Would be nice to be able to copy custom reports. Often I need to create the same report and just change something basic like the filtering for a user. I currently have over 200 custom reports. Would be nice to be able to clone them or create a template etc.
Event Field Variable Expansion for Alert E-Mail addresses
I often create alerts for accounts locking out/bad passwords etc. Normally I use an advanced alerts to specify thresholds for these events and filter them to a specific user. What would be nice would be if you could use the fields from the event in the email address like you can in the custom alert message. For example, I could then fire UserA and email when they have had many bad passwords in a week by expanding the %USERNAME% variable on the custom alert. Currently, I have to create an alert profile
Alert Profiles - Include Link to Report Profile
Would be nice to be able to include a hyperlink to a report profile in an email alert. The reason I ask is we have configured many alerts to go to admin users when their accounts have a high rate of failed logons against them (i.e. if they have left themselves logged on onto servers and their passwords expire). We can easily fire them an alert indicating that there had been a high password failure against their accounts. However, I would also like to include a link to the report profile so they could
Report that lists all accounts?
I need to create a report of all enabled user accounts and disabled user accounts. I am only seeing reports for "recently" enabled/disabled, but I need to see all of them. How do I just get a report of all the accounts?
Custom Report Profile Behavior with historical data
Recently but we had started running a major audit and found all sorts of gaps in the date using custom reports. The reason was as you stated: custom reports will only reflect data from after the point in time after creation Now, here's my issue(s) with this: Is this documented in the product documentation anywhere? Not that I can see nor are many of the behaviors of this product that make me pull my hair out. You can create a custom report at say 13:00. Then later you can load the report and select
Reports to show which GPO being applied
Please consider adding reports to show policies being applied so we can trace down to know if a particular policy is causing issues or if a newly created policy is working as expected.
Next Page