Solved

Windows Server config change monitoring

Posted on 2013-12-11
7
287 Views
Last Modified: 2013-12-18
Need help with a project.
Using SCOM, check and keep track of file servers changes and send alerts.
0
Comment
Question by:zman2013
7 Comments
 
LVL 19

Assisted Solution

by:jss1199
jss1199 earned 250 total points
ID: 39712030
That is a broad subject - any specific changes?  SCOM is not meant to perform full configuration management and change tracking, but rather to monitor systems for known conditions.  To do what you seem to be asking, you would need to create a monitor and rule for every potential change to the file system, registry, etc.

Your best bet is to use the companion System Center product SCCM to create configuration baselines, so you can then report (and alert) where your configuration has drifted.
0
 

Author Comment

by:zman2013
ID: 39712133
Steps are to create separate profile for individual servers and run a script to match the config everyday.  Send alert if there is a change?
0
 
LVL 8

Assisted Solution

by:Leon Taljaard
Leon Taljaard earned 250 total points
ID: 39712414
Hi

You could also look at implementing SCOM ACS which is an auditing addition to SCOM that can track, alert and report on changes, especially file servers, like privilege use, object access and things like that.

So meaning something like when you enable auditing via GPO in local security policy.

Thanks
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 19

Assisted Solution

by:jss1199
jss1199 earned 250 total points
ID: 39712446
To correct Leon, respectfully, SCOM ACS is strictly a security even log collector.  It takes the security event logs from each monitored machines and forwards them to the ACS database for analysis and reporting - it does not report on changes.

For what the OP wants, he should leverage SCCM's configuration management feature.
0
 
LVL 8

Accepted Solution

by:
Leon Taljaard earned 250 total points
ID: 39712489
Hi

Sure, yes it only collects but it presents it a better format than looking through event logs and you can also alert on it.

The SCCM Compliance feature is also an option and also a great feature I use I our environment.

It was merely a suggestion that is also an option and used extensively, depending on what exactly is required.

But yes all changes and config will have to be setup and planned.

Thanks
0
 
LVL 8

Expert Comment

by:Leon Taljaard
ID: 39712504
The only problem I have had with the Compliance part of SCCM or lack of feature is the alerting in SCOM of the individual out of compliance object.

When something is out of compliance the alert generated is a broad alert about the compliance being out as a whole instead of showing the only one being changed.

Thanks
0
 
LVL 3

Expert Comment

by:Detlef001
ID: 39714103
You can achieve this from an application. Manually you can create an auditing on that too at some place but you can't generate the alerts for them as well.

Please have a look at this application for the file server application monitoring.
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now