Solved

Windows Server config change monitoring

Posted on 2013-12-11
7
293 Views
Last Modified: 2013-12-18
Need help with a project.
Using SCOM, check and keep track of file servers changes and send alerts.
0
Comment
Question by:zman2013
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 19

Assisted Solution

by:jss1199
jss1199 earned 250 total points
ID: 39712030
That is a broad subject - any specific changes?  SCOM is not meant to perform full configuration management and change tracking, but rather to monitor systems for known conditions.  To do what you seem to be asking, you would need to create a monitor and rule for every potential change to the file system, registry, etc.

Your best bet is to use the companion System Center product SCCM to create configuration baselines, so you can then report (and alert) where your configuration has drifted.
0
 

Author Comment

by:zman2013
ID: 39712133
Steps are to create separate profile for individual servers and run a script to match the config everyday.  Send alert if there is a change?
0
 
LVL 8

Assisted Solution

by:Leon Taljaard
Leon Taljaard earned 250 total points
ID: 39712414
Hi

You could also look at implementing SCOM ACS which is an auditing addition to SCOM that can track, alert and report on changes, especially file servers, like privilege use, object access and things like that.

So meaning something like when you enable auditing via GPO in local security policy.

Thanks
0
Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 19

Assisted Solution

by:jss1199
jss1199 earned 250 total points
ID: 39712446
To correct Leon, respectfully, SCOM ACS is strictly a security even log collector.  It takes the security event logs from each monitored machines and forwards them to the ACS database for analysis and reporting - it does not report on changes.

For what the OP wants, he should leverage SCCM's configuration management feature.
0
 
LVL 8

Accepted Solution

by:
Leon Taljaard earned 250 total points
ID: 39712489
Hi

Sure, yes it only collects but it presents it a better format than looking through event logs and you can also alert on it.

The SCCM Compliance feature is also an option and also a great feature I use I our environment.

It was merely a suggestion that is also an option and used extensively, depending on what exactly is required.

But yes all changes and config will have to be setup and planned.

Thanks
0
 
LVL 8

Expert Comment

by:Leon Taljaard
ID: 39712504
The only problem I have had with the Compliance part of SCCM or lack of feature is the alerting in SCOM of the individual out of compliance object.

When something is out of compliance the alert generated is a broad alert about the compliance being out as a whole instead of showing the only one being changed.

Thanks
0
 
LVL 3

Expert Comment

by:Detlef001
ID: 39714103
You can achieve this from an application. Manually you can create an auditing on that too at some place but you can't generate the alerts for them as well.

Please have a look at this application for the file server application monitoring.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

An article on effective troubleshooting
Australian government abolished Visa 457 earlier this April and this article describes how this decision might affect Australian IT scene and IT experts.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question