The P-Microsoft Windows package offers an easy way to monitor both host and entity related individual incidents. Furthermore, it offers a flexibility to integrate the product's events with either Activate L1 Indicator and Monitoring packages or the existing non-Activate contents for further detection and investigation. This package supports following Use Cases and User Stories:
Please see the Release Notes for changelog details.
New rule resources added
This release contains the following:
1) Verified and Fine-tuned Rules and Filter conditions for efficient event evaluation.
2) Included : 'System Audit Policy was Changed'', "DSRM Account Password Change Attempt", "Custom Special Group Logon Tracking" & "A Directory Service Object Was modified" user stories to this release.
Similar apps are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.
Related content and resources
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox