Netwrix Auditor For Windows Server Quick Start Guide

Netwrix Auditor
for Windows Server

Quick-Start Guide
Version: 6.5
9/26/2014
Legal Notice
The information in this publication is furnished for information use only, and does not constitute a
commitment from Netwrix Corporation of any features or functions, as this publication may describe
features or functionality not applicable to the product release or version you are using. Netwrix makes
no representations or warranties about the Software beyond what is provided in the License Agreement.
Netwrix Corporation assumes no responsibility or liability for the accuracy of the information presented,
which is subject to change without notice. If you believe there is an error in this publication, please report
it to us in writing.
Netwrix is a registered trademark of Netwrix Corporation. The Netwrix logo and all other Netwrix
product or service names and slogans are registered trademarks or trademarks of Netwrix Corporation.
Active Directory is a trademark of Microsoft Corporation. All other trademarks and registered trademarks
are property of their respective owners.
Disclaimers
This document may contain information regarding the use and installation of non-Netwrix products.
Please note that this information is provided as a courtesy to assist you. While Netwrix tries to ensure
that this information accurately reflects the information provided by the supplier, please refer to the
materials provided with any non-Netwrix product and contact the supplier for confirmation. Netwrix
Corporation assumes no responsibility or liability for incorrect or incomplete information provided about
non-Netwrix products.
2014 Netwrix Corporation.
All rights reserved.
2/29
Table of Contents
1. Introduction
1.1. Netwrix Auditor Overview
4
4
2. Netwrix Auditor System Requirements
2.1. Requirements for Audited System
2.2. Requirements to Install Netwrix Auditor
2.2.1. Hardware Requirements
2.2.2. Software Requirements
3. Install the Product

4. Configure Computers for Auditing Privileged User Session Activity
8
10
4.1. Configure Data Collection Settings
10
4.2. Configure Video Recordings Playback Settings
12
5. Create Managed Object to Audit Windows Server and Privileged User Session Activity
16
6. Integrate Reports with Video
21
7. Launch Initial Data Collection
22
8. Make Test Changes
23
9. See How Changes AreReported
24
9.1. Review a Change Summary
24
9.2. Review Changes with the Windows Server Overview Dashboard
26
9.3. Review the All Windows Server Changes by Date Report
27
10. Related Documentation
29
3/29
Netwrix Auditor for Windows Server Quick-Start Guide

1. Introduction
1. Introduction
This guide is intended for the first-time users of Netwrix Auditor for Windows Server. It can be used for
evaluation purposes, therefore, it is recommended to read it sequentially, and follow the instructions in
the order they are provided. After reading this guide you will be able to:
l
Install and configure Netwrix Auditor
Create a Managed Object to start auditing a Windows-based server
Launch data collection
See how changes are reported
NOTE: This guide only covers the basic configuration and usage options for auditing Windows Server with
Netwrix Auditor. For advanced installation scenarios and configuration options, as well as for
information on various reporting possibilities and other product features, refer to Netwrix Auditor
Installation and Configuration Guide and Netwrix Auditor Administrator's Guide.
1.1. Netwrix Auditor Overview

Netwrix Auditor is a change and configuration auditing platform that streamlines compliance, strengthens
security and simplifies root cause analysis across the entire IT infrastructure. It enables complete visibility
by auditing changes made to security, systems and data.
Netwrix Auditor provides complete visibility into IT infrastructure changes with:
l
Change auditing: determine who changed what, when and where.
Configuration assessment: analyze current and past configurations with the stateintime reports.
Predefined reports: pass audits with more than 200 outofthebox reports.
Netwrix Auditor employs AuditAssurance , a patent pending technology that does not have the
disadvantages of native auditing or SIEM (Security Information and Event Management) solutions that rely
on a single source of audit data. The Netwrix Auditor platform utilizes an efficient, enterprise grade
architecture that consolidates audit data from multiple independent sources with agentless or lightweight,
non intrusive agent based modes of operation and scalable two tiered storage (file based + SQL
database) holding consolidated audit data for 10 years or more.
Powered by the Netwrix AuditAssurance technology, Netwrix Auditor makes change auditing an easy and
straightforward process, resulting in a complete and concise picture of all changes taking place in your IT
infrastructure.
Netwrix Auditor for Windows Server detects and reports on all changes made to Windowsbased servers'
configuration, including hardware devices, drivers, software, services, applications, networking settings,
registry settings, DNS, and more. It also provides automatic consolidation and archiving of event logs data.
4/29

1. Introduction
Netwrix Auditor collects Windows event logs and syslog events from multiple computers across the
network, stores them centrally in a compressed format, and enables convenient analysis of event log data.
In addition, Netwrix Auditor for Windows Server can be configured to capture a video of users' sessions on
the audited computers which helps analyze how changes to your ITinfrastructure were made. Video
records can be integrated into change reports on different audited systems.
5/29

2. Netwrix Auditor System

Requirements
This section lists the requirements for the systems and applications that are going to be audited with
Netwrix Auditor, and for the computer where the product is going to be installed.
2.1. Requirements for Audited System

The table below provides the requirements for the systems and applications that can be audited with
Netwrix Auditor for Windows Server:
Audited System
Supported Versions
Windows Server
Desktop OS: Windows XP SP3 (32 and 64-bit) and above
Server OS: Windows Server 2003 SP2 (32 and 64-bit) and above
NOTE: Netwrix Auditor provides limited support for auditing servers
running Windows Server 2012 R2.
2.2. Requirements to Install Netwrix Auditor

This section provides the requirements for the computer where Netwrix Auditor is going to be installed.
Refer to the following sections for detailed information:
l
Hardware Requirements
Software Requirements
2.2.1. Hardware Requirements

Before installing Netwrix Auditor, make sure that your hardware meets the following requirements:
Hardware
Minimum
Recommended
Processor
Intel or AMD 32 bit, 2 GHz
Intel Core 2 Duo 2x 64 bit, 3 GHz
RAM
2 GB
8 GB
Component
6/29

Hardware
Minimum
Recommended
Component
Disk Space
500 MB physical disk space for the product installation
1 GB for the Audit Archive
500 MB for SQL Server databases where audit data is going to be stored
NOTE: These are rough estimations, calculated for evaluation of Netwrix Auditor
for Windows Server. Refer to Netwrix Auditor Installation and
Configuration Guide for complete information on the Netwrix Auditor disk
space requirements.
Screen resolution
1024 x 768
Screen resolution recommended by your

screen manufacturer.
2.2.2. Software Requirements

The table below lists the minimum software requirements for the Netwrix Auditor installation:
Component
Operating system
Requirements
l
Desktop OS: Windows 7 (32 and 64-bit) and above
Server OS: Windows Server 2008 R2 and above
Framework
.Net Framework 3.5 SP1
Additional
Internet Explorer 7 and above
Windows Installer 3.1 and above
Windows Media Player (only required to audit privileged user session
Software
activity)
7/29


To install Netwrix Auditor
1. Download Netwrix Auditor 6.5.
2. Unpack the installation package. The following window will be displayed on successful operation
completion:
3. Click Install. Follow the instructions of the setup wizard. When prompted, accept the license
agreement and specify the installation folder.
Netwrix Auditor shortcuts will be added to the Start menu/screen and the Netwrix Auditor console will
open.
8/29

9/29

4. Configure Computers for

Auditing Privileged User Session
Activity
Perform the following procedures to configure computers for auditing privileged user session activity:
l
Configure Data Collection Settings
Configure Video Recordings Playback Settings
4.1. Configure Data Collection Settings

To successfully track privileged user session activity, make sure that the following settings are configured
on the audited computers and on the computer where Netwrix Auditor is installed:
l
The Windows Management Instrumentation and the Remote Registry services are running and
their Startup Type is set to "Automatic". See To check the status and startup type of Windows
services for more information.
The File and Printer Sharing and the Windows Management Instrumentation features are
allowed to communicate through Windows Firewall. See To allow Windows features to communicate
through Firewall for more information.
Local TCP Port 9002 is opened for inbound connections on the computer where Netwrix Auditor is
installed. See To open Local TCP Port 9002 for inbound connections for more information.
Local TCP Port 9003 is opened for inbound connections on the audited computers. See To open
Local TCP Port 9003 for inbound connections for more information.
Remote TCP Port 9002 is opened for outbound connections on the audited computers. See To open
Remote TCP Port 9002 for outbound connections for more information.
To check the status and startup type of Windows services

1. Navigate to Start Run and type "services.msc".
2. In the Services snap-in, locate the Remote Registry service and make sure that its status is "Started"
(on pre-Windows Server 2012 versions) and "Running" (on Windows Server 2012 and above). If it is
not, right-click the service and select Start from the pop-up menu.
3. Check that the Startup Type is set to "Automatic". If it is not, double-click the service. In the Remote
Registry Properties dialog, in the General tab, select "Automatic" from the drop-down list.
4. Perform the steps above for the Windows Management Instrumentation service.
10/29

To allow Windows features to communicate through Firewall

1. Navigate to Start Control Panel and select Windows Firewall.
2. In the Help Protect your computer with Windows Firewall page, click Allow a program or
feature through Windows Firewall on the left.
3. In the Allow programs to communicate through Windows Firewall page that opens, locate the
File and Printer Sharing feature and make sure that the corresponding checkbox is selected under
Domain.
4. Repeat step 3 for the Windows Management Instrumentation (WMI) feature.
To open Local TCP Port 9002 for inbound connections

1. On the computer where Netwrix Auditor is installed, navigate to Start Control Panel and select
Windows Firewall.
2. In the Help Protect your computer with Windows Firewall page, click Advanced settings on the
left.
3. In the Windows Firewall with Advanced Security dialog, select Inbound Rules on the left.
4. Click New Rule. In the New Inbound Rule wizard, complete the steps as described below:
l
On the Rule Type step, select Program.
On the Program step, specify the path: %Netwrix Auditor installation folder%/Netwrix/User
Activity Video Recorder/UAVRServer.exe.
On the Action step, select the Allow the connection action.
On the Profile step, make sure that the rule applies to Domain.
On the Name step, specify the rule's name, for example UAVR Server inbound rule.
5. Double-click the newly created rule and open the Protocols and Ports tab.
6. In the Protocols and Ports tab, complete the steps as described below:
l
Set Protocol type to "TCP".
Set Local port to "Specific Ports" and specify to "9002".
To open Local TCP Port 9003 for inbound connections

1. On a target computer navigate to Start Control Panel and select Windows Firewall.
left.
4. Click New Rule. In the New Inbound Rule wizard, complete the steps as described below:
11/29

On the Program step, specify the path to the agent: %SystemDrive%\Program Files (x86)
\Netwrix\User Activity Video Recorder Agent.
On the Name step, specify the rule's name, for example UAVR Agent inbound rule.
l
Set Local port to "Specific Ports" and specify to "9003".
To open Remote TCP Port 9002 for outbound connections

1. On a target computer, navigate to Start Control Panel and select Windows Firewall.
left.
4. Click New RuleIn the New Inbound Rule wizard, complete the steps as described below:
l
On the Program step, specify the path to the agent: %Netwrix%/User Activity Video Recorder
Agent/UAVRAgent.exe.
On the Name step, specify the rule's name, for example UAVR Agent outbound rule.
l
Set Remote port to "Specific Ports" and specify to "9002".
4.2. Configure Video Recordings Playback Settings

Video recordings of users' activity can be watched in the Netwrix Auditor console. They are also available as
links in web-based reports and attachments in the emails with Activity Summaries and subscriptions. To be
able to watch video files captured by Netwrix Auditor, the following settings must be configured:
12/29

Microsoft Internet Explorer 7.0 and above must be installed and ActiveX must be enabled.
Internet Explorer security settings must be configured properly. See To configure Internet Explorer
security settings for more information.
JavaScript must be enabled. See To enable JavaScript for more information.
Internet Explorer Enhanced Security Configuration (IE ESC) must be disabled. See To disable Internet
Explorer Enhanced Security Configuration (IE ESC) for more information.
The user must belong to the Netwrix User Activity Video Reporter Auditors group that has access
to the Netwrix_UAVR$ shared folder where video files are stored. Both the group and the folder are
created automatically by Netwrix Auditor. See To add users to the Netwrix User Activity Video
Reporter Auditors group for more information.
A dedicated codec must be installed. This codec is installed automatically on the computer where
Netwrix Auditor is deployed, and on the monitored computers. To install it on a different computer,
download it from http:/www.Netwrix.com/download/ScreenPressorNetwrix.zip.
To configure Internet Explorer security settings

1. In Internet Explorer, navigate to Tools Internet Options.
2. Switch to the Security tab and select Local Intranet. Click Custom Level.
3. In the Security Settings Local Intranet Zone dialog, scroll down to Downloads, and make sure
File download is set to "Enable".
4. In the Internet Options dialog switch to the Advanced tab.
5. Scroll down to Security and make sure Allow active content to run in files on My Computer is
selected.
13/29

To enable JavaScript
1. In Internet Explorer, navigate to Tools Internet Options.
2. Switch to the Security tab and select Internet. Click Custom Level.
3. In the Security Settings Internet Zone dialog, scroll down to Scripting and make sure Active
scripting is set to "Enable".
To disable Internet Explorer Enhanced Security Configuration (IE ESC)

1. Navigate to Start Administrative Tools Server Manager.
2. In the Security Information section, click the Configure IE ESC link on the right and turn it off.
To add users to the Netwrix User Activity Video Reporter Auditors group
Depending on the computer type (workstation or domain controller) where Netwrix Auditor is installed, do
one of the following:
l
If Netwrix Auditor is installed on a workstation:

1. Navigate to Start Control Panel Administrative Tools Computer Management.
2. In the Computer Management dialog, in the left pane, navigate to System Tools Local
Users and Groups Groups.
14/29

3. In the right pane, right-click Netwrix User Activity Video Reporter Auditors, and select
Properties. Click Add and specify the users that you want to add to this group.
l
If Netwrix Auditor is installed on a domain controller:

1. Navigate to Start Administrative Tools Active Directory Users and Computers.
2. Navigate to <your_domain_name> Users.
3. In the right pane, right-click Netwrix User Activity Video Reporter Auditors, and select
Properties.
4. In the dialog that opens, select the Members tab. Click Add and specify the users that you want
to add to this group.
15/29

5. Create Managed Object to Audit

Windows Server and Privileged
User Session Activity
To start auditing your IT Infrastructure with Netwrix Auditor, you must create a Managed Object. A
Managed Object is a container within Netwrix Auditor that stores information on the auditing scope, the
Data Processing Account used for data collection, the report delivery settings, etc.
To create a Managed Object to audit Windows Server and privileged user session activity
1. Select the Managed Objects node in the left pane and click Create New Managed Object in the
right pane.
2. On the Select Managed Object Type step, select Computer Collection as a Managed Object type in
the Create New Managed Object wizard.
3. On the Specify Default Data Processing Account step, click Specify Account.
Enter the default Data Processing Account (in the DOMAIN\user format) that will be used by Netwrix
Auditor for data collection. For a full list of the rights and permissions required for the Data
Processing Account, and instructions on how to configure them, refer to Netwrix Auditor Installation
and Configuration Guide.
4. On the Specify Email Settings step, specify the email settings that will be used for Reports delivery:
Setting
Description
SMTP server
Enter your SMTP server name.
Port
Specify your SMTP server port number.
Sender address
Enter the address that will appear in the "From" field.

NOTE: It is recommended to click Verify. The system will send a
test message to the specified email address and inform you
if any problems are detected.
SMTP Authentication
Select this checkbox if your mail server requires the SMTP

authentication.
User name
Enter a user name for the SMTP authentication.
16/29

Setting
Description
Password
Enter a password for the SMTP authentication.
Confirm password
Confirm the password.
Use Secure Sockets Layer
Select this checkbox if your SMTP server requires SSL to be enabled.
encrypted connection (SSL)

Implicit SSL connection
Select this checkbox if the implicit SSL mode is used, which means
mode
that an SSL connection is established before any meaningful data is

sent.
5. On the Specify Computer Collection Name step, enter the computer collection name.
6. On the Select Target Systems step, select Windows Server and User Activity as target systems.
7. On the Configure Reports Settings step, select Enable Reports . If the Reports functionality is
enabled, a SQL database will be created automatically on wizard completion.
Select one of the following:
l
Automatically install and configure a new instance of SQL Server Express Edition to
automatically install and configure SQL Server 2008 R2/2012 Express with Advanced Services.
For detailed information on which SQLServer versions can be installed on your operating
system, refer to the Netwrix Knowledge base article: Which SQL Server versions can be installed
automatically with Netwrix Auditor.
Use an existing SQL Server instance with SQL Server Reporting Services to use an already
installed SQL Server instance.
NOTE: Make sure the account used to create the Managed Object is granted the dbcreator
server role on this SQL Server instance. Otherwise, Netwrix Auditor will fail to create a
database to store your audit data.
Specify the following parameters:
Setting
Description
SQL Server instance
Specify the name of an existing SQLServer instance to store

audit data.
Windows Authentication
Select this option if you want to use the default Data Processing
Account to access the SQLdatabase. This account must be
granted the database owner (db_owner) role. See Netwrix
17/29

Setting
Description
Auditor Installation and Configuration Guide for more
information.
Clear this option if you want to use SQLServer Authentication.
User name
Specify the account to be
used for the SQLServer
authentication. This account must be granted the database

owner (db_ owner) role and the dbcreator server role. See
Netwrix Auditor Installation and Configuration Guide for more
information.
Password
Enter a password for the SQL Server authentication.
Report Server URL
Specify the Report Server URL. Click Verify to ensure that the
resource is reachable.
Report Manager URL
Specify the Report Manager URL. Click Verify to ensure that the
resource is reachable.
NOTE: If the Data Processing Account specified earlier in this procedure is different from the account
used to create the Managed Object, you need to grant the Data Processing Account the
database owner (db_ owner) role for the newly created database. See Netwrix Auditor
Installation and Configuration Guide for more information.
8. On the Add Items to Computer Collection step, select items that you want to audit. You can add
several items to collection. Click Add, select an item type and add / browse for a computer name.
Review the following for additional information:
Option
Description
Computer name
Allows specifying a single computer by entering its FQDN, NETBIOS

or IP address. You can click Browse to select a computer from the
list of computers in your network.
Active Directory container
Allows specifying a whole AD domain, OU or container. Click

Browse to select from the list of containers in your network. You
can also:
l
Select a particular computer type to be audited within the

chosen AD
container:
Domain
controllers,
Servers
(excluding domain controllers), or Workstations.

l
Click Exclude to specify AD domains, OUs, and containers you
18/29

Option
Description
do not want to audit. In the Exclude Computers dialog, click
Add and specify an object.
NOTE: The list of containers does not include child domains of
trusted domains. Use other options (Computer name, IP
address range, or Import computer names from a file)
to specify the target computers.
IP address range
Allows specifying an IP range for the audited computers.

To exclude computers from within the specified range, click
Exclude. Enter the IP range you want to exclude, and click Add.
Import computer names
Allows specifying multiple computer names by importing a list from
from a file
a .txt file (one computer name/IP address per line is accepted). You
can choose whether to import the list once, or to update it
automatically.
If you select the Import on every data collection option, you can
later modify the list of your audited computers by editing the .txt
file. The audited computers list will be updated on the next data
collection.
9. On the Select Data Collection Method step, enable the Use Lightweight Agents option. If enabled,
an agent will be installed automatically on the audited computers that will collect and pre-filter data
and return it in a highly compressed format. This significantly improves data transfer and minimizes
the impact on the target computers' performance.
10. On the Configure Audit in Target Environment step, select Automatically for the selected
audited systems. Your current audit settings will be checked on each data collection and adjusted if
necessary.
NOTE: If any conflicts are detected with your current audit settings, automatic audit configuration
will not be performed. For a full list of audit settings required for Netwrix Auditor to collect
comprehensive audit data and instructions on how to configure them, refer to Netwrix
Auditor Installation and Configuration Guide.
11. On the Select Monitored Systems Components step, you can select the system components that
you want to audit for changes.
12. On the Configure Windows Server Change Summary Delivery Settings step, enter your email.
NOTE: It is recommended to click Verify. The system will send a test message to the specified email
address and inform you if any problems are detected.
19/29

13. On the Specify Users step, select the users whose activity should be recorded. You can select All
users or create a list of Specific users. Certain users can also be added to Exceptions list.
14. On the User Activity Video Reporter Activity Summary Delivery step, set the delivery schedule
and enter your email.
NOTE: It is recommended to click Verify. The system will send a test message to the specified email
address and inform you if any problems are detected.
15. On the last step, review your Managed Object settings and click Finish to exit the wizard. The newly
created Managed Object will appear under the Managed Objects node.
20/29


Video records can be integrated into Windows Server change reports. By integrating privileged user session
activity tracking with Windows Server reports on the same server, you will get reports with links to video
records. When you click a link, a video player will open and playback of the recorded user session will start,
showing you how each particular change was made.
To integrate Windows Server reports with videos on user activity

1. Under your Managed Object, navigate to the User Activity node and click the Integrate video
records link in the right pane.
2. In the dialog that opens, select Windows Server and click Integrate. When the operation has
completed successfully, the status of the selected audited system will change to "Integrated".
3. Restart the Netwrix Auditor console for the changes to take effect.
Once you have integrated reports with user activity video records, the Changes with Video
subfolder containing the All Changes with Video report will be added to the Reports folder under
the Windows Server audited system.
21/29


When a new Managed Object is created, Netwrix Auditor starts collecting data from the audited IT
infrastructure. The first data collection gathers information on the audited system's current configuration
state. Netwrix Auditor uses this information as a benchmark to collect data on changes. After the first data
collection has finished, an email notification is sent to your email stating that the analysis has completed
successfully. In order not to wait until a scheduled data collection, launch it manually.
To launch data collection manually

1. In the Netwrix Auditor console, navigate to Managed Objects your_Managed_Object_name.
2. In the right pane, click Run.
3. Check your mailbox for an email notification and make sure that the data collection has completed
successfully.
22/29


Now that the product has collected a snapshot of the audited system's current configuration state, you
can make test changes to see how they will be reported by Netwrix Auditor.
For example, make the following test changes:
l
Create a DNS Zone
NOTE: Before making any test changes to your environment, ensure that you have the sufficient rights,
and that the changes conform to your security policy.
23/29


After you have made test changes to the audited environment, you can see how these changes are
reported by the product. This section explains how to review the test changes you have made in the
Netwrix Auditor reports and Change Summary. Refer to the following sections for details:
l
Review a Change Summary
Review Changes with the Windows Server Overview Dashboard
Review the All Windows Server Changes by Date Report
In order not to wait until a scheduled data collection and a Change Summary generation, launch data
collection manually. See Launch Initial Data Collection for more information.
9.1. Review a Change Summary

By default, a Change Summary is generated daily at 3:00 AMand delivered to the specified recipients. A
Change Summary lists all changes / events / recorded user sessions that occurred since the last Change
Summary delivery. You can also launch data collection and a Change Summary generation manually.
After the data collection has completed, check your mailbox for a Change Summary and see how your test
changes are reported:
The example Change Summary provides the following information:
24/29

Parameter
Description
Change Type
Shows the type of action that was performed on the object.
Object Type
Shows the type of theobject.
When Changed
Shows the exact time when the change occurred.
Who Changed
Shows the name of the account under which the change was made.
Server
Shows the name of the server where the change occurred.
Resource Path
Shows the full name of the modified/added/deleted object.
Details
Shows the before and after values of the modified object, object
attributes, etc.
You will also receive an Activity Summary with information on the selected user's activity.
25/29

9.2. Review Changes with the Windows Server

Overview Dashboard
Dashboards provide a high-level overview of activity trends by date, user, server or audited system in your
IT infrastructure. The Enterprise Overview dashboard aggregates data on all Managed Objects and all
audited systems, while system-specific dashboards provide quick access to important statistics within one
audited system.
After you have launched the initial data collection, made test changes to your environment and run data
collection again, you can take advantage of the Windows Server Overview dashboard.
To see how your changes are reported with the Windows Server Overview dashboard
1. In the Netwrix Auditor console, navigate to the Enterprise Overview node.
2. In the right pane, select Windows Server Overview from the drop-down list next to Select
dashboard.
3. Review your changes.
4. Click on any chart to jump to a table report with the corresponding grouping and filtering of data.
26/29

9.3. Review the All Windows Server Changes by Date

Report
Netwrix Auditor allows generating audit reports based on Microsoft SQLServer Reporting Services (SSRS).
The product provides a wide variety of predefined reports that aggregate data from the entire audited IT
infrastructure, an individual system, or a Managed Object.
Enterprise-wide reports can be found under the Enterprise Overview node, while reports under each
individual Managed Object provide a narrower insight into what is going on in the audited infrastructure
and help you stay compliant with various standards and regulations (GLBA, HIPAA, PCI, SOX, etc.).
After you have launched the initial data collection, made test changes to your environment and run data
collection again, you can take advantage of the Reports functionality.
To see how your changes are listed in the report

1. In the Netwrix Auditor console, navigate to Enterprise Overview Enterprise-Wide Reports
Windows Server.
2. Select the All Windows Server Changes by Date report.
3. Click View Report. The report will be generated and displayed in the right pane.
To see how your changes are listed in the report with video
1. In the Netwrix Auditor console, navigate to Managed Objects <your_Managed_ Object>
Windows Server Reports Changes with Video.
27/29

2. Select the All Changes with Video report.

3. Click View Report. The report will be generated and displayed in the right pane.
4. Click on the video icon to watch a recorded user session.
28/29


The table below lists all documents available to support Netwrix Auditor for Windows Server:
Document
Description
Netwrix Auditor Installation
Provides detailed instructions on how to install Netwrix Auditor, and
and Configuration Guide
explains how to configure your environment for auditing.
Netwrix Auditor
Provides a detailed explanation of the Netwrix Auditor features and
Administrator's Guide
step-by-step instructions on how to configure and use the product.
Netwrix Auditor Release
Contains a list of the known issues that customers may experience with
Notes
Netwrix Auditor 6.5, and suggests workarounds for these issues.
29/29

Netwrix Auditor For Windows Server Quick Start Guide

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Netwrix Auditor For Windows Server Quick Start Guide

Caricato da

Copyright:

Formati disponibili

Netwrix Auditor

for Windows Server

2. Netwrix Auditor System Requirements

2.1. Requirements for Audited System

2.2. Requirements to Install Netwrix Auditor

2.2.1. Hardware Requirements

2.2.2. Software Requirements

3. Install the Product

4.1. Configure Data Collection Settings

4.2. Configure Video Recordings Playback Settings

6. Integrate Reports with Video

7. Launch Initial Data Collection

8. Make Test Changes

9. See How Changes AreReported

9.1. Review a Change Summary

9.2. Review Changes with the Windows Server Overview Dashboard

9.3. Review the All Windows Server Changes by Date Report

10. Related Documentation