Getting Started
- System Requirements
- Installation
- Assign Service Logon As Credentials
- Registration
- Version Support Policy
Agent-Based Management
Common Tasks
- Account Lockout Monitoring and Reporting
- Event Log Archiving for JSIG and CMMC Compliance
- Exporting and Importing Configuration Objects
- RDP Session Monitoring and Reporting
- Merging Logs
- Amazon S3 Bucket Support
- Azure File Share Support
Data Providers
- Data Provider Properties
- SQLite Properties
- MySQL Properties
- Microsoft SQL Server Properties
- File System Properties
Directory Services
Auditing
- Audit Work Items
- Self-Auditing
- Group Policy Auditing
- Password Expiry Auditing
Hosts
- Adding Hosts
- Host Properties
- Batch Update Hosts
- Agent Properties
- Logon As Properties
- SFTP Properties
- FTP/S Properties
- SNMP Device Connection Properties
- WMI
- Contact
- Exclusions
- Inventory
- Docker
- Host Assignments
Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- SCAP Compliance Monitor
- Active Directory User Monitor Templates
- File and Directory Monitor Templates
- Windows Monitor Templates
- Network and Application Monitor Templates
- SSL Certificate Monitor Templates
- Database Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
Monitors
- Monitor Hierarchy
- Temporarily Suppress Monitors Actions
Reports
- Report Properties
- Security Reports
- Generic Log Reports
- File and Permission Reports
- Summary Reports
- Artificial Intelligence Reports
  - AI Anomaly Detection Report
  - AI Anomaly Detection Report (Template Triggers)
Auto-Configurators
Filters
- Simple Filters
- Complex Filters
Actions
- Database Actions
- Desktop Actions
- Disconnect RPD Session Actions
- Email Actions
- Event Log Actions
- Executable Actions
- File Actions
- IIS IP Address Restriction Actions
- Microsoft Teams Actions
- PowerShell Actions
- Report Actions
- Service Actions
- SMS Actions
- SNMP Trap Actions
- Syslog Actions
- Template Actions
- Action Variables
Schedules
- Fixed Schedules
- Range Schedules
- Real-Time Schedules
Environment Variables
Options
- Email Settings
- Security Settings
- Syslog Server Settings
- SNMP Trap Server Settings
- Log Viewer Settings
- Web Proxy Settings
- Miscellaneous Settings
- Logging Settings
SNMP
- SNMP Browser
SSH Shell
Syslog
System Reset
Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
Command Line Interface
Server Configuration
Agent Configuration
Troubleshooting
- Arithmetic Overflow
- Access Denied
- MySQL: Fatal error encountered during command execution
- Invalid Class
- No Such Interface Supported
- Quota Violation
- The File Exists Errors
- The Interface is Unknown
- The RPC Server is Unavailable
- NetBIOS Errors
Terminology

Windows Monitor Templates

Available Templates

Type	Description
Resources
CPU Monitor	Monitor CPU load over a period of time (e.g. Get notified when CPU load exceeds 50% for 10 minutes).
Memory Monitor	Monitor memory consumption over a period of time (e.g. Get notified when memory consumption exceeds 75% for 10 minutes).
Disk Space Monitor	Monitor free disk space (e.g. Every hour check the available disk space on all logical disks).
General
Account Lockout Monitor	Configure the frequency to scan Active Directory for domain account lockouts and the frequency to scan servers for local account lockouts.
Audit Policy Monitor	Set, monitor and maintain the Windows Audit Policy (e.g. Notify and update when an Audit Policy deviates from your baseline).
Logon Monitor	Monitor Windows logon events (e.g. Get notified when any domain administrator logs on to a server).
Performance Counter Monitor	Monitor Windows Performance Counters (e.g. Trigger an alert when IO latency is greater than 20ms).
PowerShell	Run a PowerShell command or script, parse results, trigger alerts and report results.
Process Monitor	Monitor Windows Processes and the resources they consume (e.g. Restart a process when it consumes more than 4 GBs of memory).
RDP Session Monitor	Monitor RDP sessions beyond the Windows Session Time Limits. (e.g. Log off idle non-Administrator sessions or sessions that download over 1 GiB of data).
Registry Value Monitor	Monitor a Windows Registry Value (e.g. Get notified when a Registry Value is changed to an unexpected value).
Service Monitor	Monitor Windows Services and the resources they consume (e.g. Restart a service when it consumes more than 4 GBs of memory).
SMART Disk Monitor	Monitor SMART Predictive Disk Failure status (e.g. Check SMART status every hour).
System Security Monitor	Execute secedit, parse results, trigger alerts, report results and scan for vulnerabilities (e.g. Scan for DISA STIG Vulnerabilities).
Windows Update	Search, filter, notify, report and install Windows Updates (e.g. Automatically install all .Net Desktop Runtime updates).
Windows Management Instrumentation (WMI) Query	Query a WMI class, parse results, trigger alerts, report results and scan for vulnerabilities (e.g. Scan for DISA STIG Vulnerabilities).
Tasks
Clock Synchronization	Synchronize clock time with a Network Time Protocol (NTP) server (e.g. Synchronize the clocks on all your once a week).
Defragment NTFS Disks	Schedule the service to remote execute disk defragmentation (e.g. Defragment production disks once a week).
Task Scheduler	Start, stop or restart an application or script (e.g. Launch a PowerShell script on a managed server)

Table of Contents

Windows Monitor Templates

Available Templates