New Free App for Active Directory

Easy Active Directory log management and analysis

In organizations that use a Windows Server environment, the vast majority of authentication and access control processes are managed within Active Directory.

As a central and critical component for managing organizational IT resources, Active Directory logs contain valuable information which must be closely monitored and analyzed.

Some examples are:

  • Configuration and policy events: These event logs are used to maintain the integrity of access policies, i.e. to ensure that no one has mistakenly or maliciously changed the access policies and configuration.
  • Group and user audit: These audit logs provide comprehensive information regarding the creation/deletion of groups, logins/logouts, etc. This information is used to investigate security breaches and unauthorized access.
  • Active Directory performance: These logs provide indications regarding the health and performance of the Active Directory services as well as user replication and errors throughout the system.
  • Security breaches: These logs track and monitor changes to the AD schema and configuration and provide enhanced visibility for security forensics and attack detection.

Automated Active Directory Log Analysis & Monitoring

XpoLog 7 automates the entire log management lifecycle.

This allows you to extract instantaneous value from your Active Directory deployment.

The AD analysis app uses machine learning and NLP to automatically highlight critical issues from Active Directory logs.

What’s in it for you:

  • Immediately understand the trends in your Active Directory log data.
  • Eliminate the manual definition of reports and creation of queries.

Try XpoLog 7 – You’ll LOVE It

Upon download, you’ll get a 30-day Pro trial. When the trial ends, you can decide whether to keep the free version or upgrade.

Why You Are Going to Love it

Deploy across your entire Windows domain in minutes

The app for Active Directory deploys with an agent-less connector.

The connection and collection from all the Active Directory instances are automated across the entire domain.

What’s in it for you:

  • Eliminate the need for cumbersome agents on various machines.

XpoLog 7’s deployment process is automated. It automatically identifies the data structure and generates data patterns for all incoming AD logs.

Yes, you can forget complex data pattern configurations!

Yes, you will get immediate insights in a matter of minutes.

Ready-to-use Reports & Dashboards

The App features a variety of ready-to-use reports and dashboards, specifically designed for Active Directory log data:

  • Security Detection – organizes the most important reports and graphs for security purposes. Using this gadget, you can compare the number of failed logins to successful logins, view the failed login trend over time, the distribution of failed logins by user, and more.
  • User’s Management – monitors new, deleted, and changed users, user-related actions by administrators, changed account names and more.
  • Computer’s Management – monitors new, deleted, and changed computers, computer-related actions by administrators and more.
  • Group Management – monitors new, deleted, and changed groups, changes in group types, new group members, top active groups, and more.
  • User’s Access – monitors user access attempts, such as locked users (automatically tripped by a lockout policy or by administrators), top locked users, and more.
  • Logins and Logouts – monitors user logins and logouts, including successful logins and logouts (+ per user), failed logins (+ per user), and more.
  • Policies – monitors changes to the policies, including policy changes reports, top changed policies, top policy changes by admins, etc.
  • Passwords – monitors password resets, including password resets reports, password changes reports, password resets per admin, top reset users and more.
  • Directory services – monitors directory services and their operations, including created/modified objects reports, created/modified objects per admin, and more.
  • Trends – a centralized view of important Active Directory trends over time, such as created and deleted users/groups, locked and disabled users, failed logins, and more.

Analytics-Based Monitoring

XpoLog 7 provides automatic insights based on advanced correlations, machine learning and anomaly detection.

The platform:

  • analyzes all the events and error messages.
  • understands their impact.
  • automatically assigns a severity score to these events (e.g. High, Medium, etc.).

These insights are built into the ready-to-use reports and dashboards. The XpoLog 7 AD app enables immediate situational awareness of problems across the entire deployment.

A few examples of this are:

  1. A graph displaying the distribution of problems over time.
  2. A report centralizing the number of occurrences of a certain type of problem (e.g. messages that include the phrase “audit failure”) together with their security level.

Log Viewer with AD Filters and Search Queries

XpoLog’s unified log viewer allows you to view and analyze log files from a single AD Domain or across multiple domains.

XpoLog brings the knowledge of how to analyze AD logs to the administrator’s fingertips.

The tool offers a set of predefined filters and search queries specifically designed for Active Directory logs.

The log viewer enables data filtering based on specific:

  • domains
  • servers
  • administrators
  • group name/type, object
  • as well as the specific event ID, event description, etc.

The filters can be used on every gadget, including controlling the timeframe for the data.
