Solved

Windows Server config change monitoring

Posted on 2013-12-11
7
289 Views
Last Modified: 2013-12-18
Need help with a project.
Using SCOM, check and keep track of file servers changes and send alerts.
0
Comment
Question by:zman2013
7 Comments
 
LVL 19

Assisted Solution

by:jss1199
jss1199 earned 250 total points
ID: 39712030
That is a broad subject - any specific changes?  SCOM is not meant to perform full configuration management and change tracking, but rather to monitor systems for known conditions.  To do what you seem to be asking, you would need to create a monitor and rule for every potential change to the file system, registry, etc.

Your best bet is to use the companion System Center product SCCM to create configuration baselines, so you can then report (and alert) where your configuration has drifted.
0
 

Author Comment

by:zman2013
ID: 39712133
Steps are to create separate profile for individual servers and run a script to match the config everyday.  Send alert if there is a change?
0
 
LVL 8

Assisted Solution

by:Leon Taljaard
Leon Taljaard earned 250 total points
ID: 39712414
Hi

You could also look at implementing SCOM ACS which is an auditing addition to SCOM that can track, alert and report on changes, especially file servers, like privilege use, object access and things like that.

So meaning something like when you enable auditing via GPO in local security policy.

Thanks
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 19

Assisted Solution

by:jss1199
jss1199 earned 250 total points
ID: 39712446
To correct Leon, respectfully, SCOM ACS is strictly a security even log collector.  It takes the security event logs from each monitored machines and forwards them to the ACS database for analysis and reporting - it does not report on changes.

For what the OP wants, he should leverage SCCM's configuration management feature.
0
 
LVL 8

Accepted Solution

by:
Leon Taljaard earned 250 total points
ID: 39712489
Hi

Sure, yes it only collects but it presents it a better format than looking through event logs and you can also alert on it.

The SCCM Compliance feature is also an option and also a great feature I use I our environment.

It was merely a suggestion that is also an option and used extensively, depending on what exactly is required.

But yes all changes and config will have to be setup and planned.

Thanks
0
 
LVL 8

Expert Comment

by:Leon Taljaard
ID: 39712504
The only problem I have had with the Compliance part of SCCM or lack of feature is the alerting in SCOM of the individual out of compliance object.

When something is out of compliance the alert generated is a broad alert about the compliance being out as a whole instead of showing the only one being changed.

Thanks
0
 
LVL 3

Expert Comment

by:Detlef001
ID: 39714103
You can achieve this from an application. Manually you can create an auditing on that too at some place but you can't generate the alerts for them as well.

Please have a look at this application for the file server application monitoring.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the most frustrating experiences a help desk technician will ever encounter is when a customer comes to them with a solution of their own invention and expects the tech to implement it. This often happens when people with a little bit of tech…
Note: This is the second blog post in a series on email clearinghouses (https://www.xmatters.com/alert-management/blog-email-has-failed-us?utm_campaign=70138000000ydLoAAI&utm_source=exex&utm_medium=article&utm_content=blog-post).   Every month t…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now