We have tripwire in our organization. We want to use it to audit changes to Active Directory. For example, we want to know:
-What accounts have been deleted in the past 30 days, and who deleted it
-What changes have been made to groups and users, and who made the change
-Changes to group policy, and who made them
etc...Basically any change/addition/deletion and who did it.
Looking for a tech guide on how to implement this with Tripwire.