SIEM, Vulnerability Scanning, Server Monitoring and Compliance Training for IT Professionals
Table of Contents

Security Event Log and Active Directory Reports

TypeDescription
Account Lockout (Active Directory/WMI)Audit Report that scans Active Directory and stand-alone servers for currently locked out accounts (e.g. Daily Lockouts).
Account Lockout (Event Log)Audit Report that that searches consolidated Event Log entries and Event Log file backups for account lockout history events (e.g. Weekly Lockouts).
Account ManagementAudit Report that searches consolidated Event Log entries and Event Log file backups for Account Management Security Event Log Events (e.g. Daily Account Management Events).
Security Group ManagementAudit Report that searches consolidated Event Log entries and Event Log file backups for Audit Security Group Management events (e.g. Daily Security Group Management Events).
New AccountsAudit Report that searches consolidated Event Log entries and Event Log file backups for Event ID 4720: A user account was created (e.g. Daily New Account Events).
Failed LogonsAudit Report that searches consolidated Event Log entries and Event Log file backups for failed logon attempts (e.g. Daily Failed Logon Events).
Success LogonsAudit Report that searches consolidated Event Log entries and Event Log file backups for successful logons (e.g. Daily Successful Logon Events).
Logon SessionsAudit Report that searches consolidated Event Log entries and Event Log file backups for logon sessions (e.g. Daily Logon Sessions).
Object AccessAudit Report that searches consolidated Event Log entries and Event Log file backups for Object Access events (e.g. Daily Object Access Events).

Related Topics

Reports

Security Event Log Report Filters