Updated: Windows General Security Management Pack v1.0.0.8

Version 1.0.0.8: Includes modified rules to exclude computer accounts. The Mobieus™ – Windows General Security Management Pack (1.0.0.8) is a simple management pack designed to Alert on specific types of logon failures:

  1. Logon Failure – User Account Locked Out
  2. Logon Failure – Account Disabled
  3. Logon Failure – Expired Password
  4. Logon Failure – Bad Password
  5. Logon Failure – Logon Does Not Exist

The management pack targets the Windows Server Operating System. By default the Security log on any server monitored by System Center Operations Manager will be monitored for an Audit Failure for Event ID 4625 and with a specific Sub Status code.

Additionally:
1. Tested on SP1 and R2 management groups.
2. The management pack only Alerts on User Accounts.
3. The Alerts are configured to capture both the Target Username and Workstation Name for  easier viewing. Just be sure to Personalize your Alert view and enable Custom Field 1 and Custom Field 2.
4. Alert Suppression has also been enabled to reduce Alert storms – Target Username and Workstation Name are the default criteria.

Download Now

Connect with Mobieus Solutions:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s