Netwrix Auditor – How-tos for Windows Server
Step-by-step instructions on auditing the most critical events in Windows Server
Featured How-tos
Regularly review the local users and groups on critical Windows machines in order to harden the security of your servers.
Get a list of users in local groups on Windows machines without having to use the command line on each machine or scripting in PowerShell.
Collect system inventory without wasting your time on PowerShell scripting and get details such as OS installed on each server, OS version and antivirus status.
Regularly view shared folders reports to get a list of all file shares and identify non-default shares that can jeopardize your data security.
Enforce good access hygiene by staying on top of local administrators’ group membership. Get a report to identify users whose local access rights violate your baseline.
Suspicious changes to Startup Registry keys can be a sign of malware activity. Timely detection of these changes can prevent loss of sensitive data.
This how-to shows two ways of detecting who created a new scheduled task on your windows server.
Video recording of user screen activity enables IT administrators to gain visibility into IT systems and control privileged user activity before a security breach occurs.
IT administrators need to monitor deletions of DHCP reservations to ensure no unauthorized changes took place, thus preventing system unavailability.
Continuous monitoring of DNS record deletions helps IT administrators detect abnormal actions in a timely manner and thereby avoid service unavailability.
To detect unauthorized software installation, IT pros need to monitor all changes made to server configuration and timely get alerted on them.