We will have auditors coming into our office soon and I know they will ask me if I track what the domain administrator account is doing. We have three people using this user account to make changes as needed.
I'm looking for a tool that give us good idea what the windows domain administrator account is doing.
We've enabled auditing on our domain controllers and see a lot of entries being added now to this event log.
Is there a tool that summarizes this event log in reports or in drill down menus? Is the answer SCOM?