mpascucci Absent Member.
Absent Member.
320 views

Microsoft Unified Event Log Connector (Automatically Add Systems)

Hello,

We're currently using the Microsoft Unified Event Log Connector configured in the following way:

  1. Created a base DN high in the tree as to not miss anything being added in Active Directory.
  2. Setup a filter so we're only seeing Microsoft servers found with the host browsing and not workstations.

Now the issue is I'm not sure where to look once we have new systems added to the domain? I was under the impression that once a new system is found in Active Directory it will be picked up and added to the connector, or at least we'll be notified off the new system via an alert.

Is this wrong? If not can you direct me towards where to find the notifications of new systems that have been added to Active Directory so nothing falls through the cracks?

Thanks!!!

Labels (2)
0 Likes
Reply
2 Replies
sudakov-a@gaz-i1 Absent Member.
Absent Member.

Re: Microsoft Unified Event Log Connector (Automatically Add Systems)

Hi Mat!

Can you share with me, how to filter only windows servers version via host browsing method?

What type need to write after "operatingsystem=" ?

Thanks...

0 Likes
Reply
tmerzlyak Absent Member.
Absent Member.

Re: Microsoft Unified Event Log Connector (Automatically Add Systems)

Hello Mat and Alexey,

Yes, Windows Unified Connector has the ability to run AD query periodically and report new hosts as internal events to ESM or whatever your destination is.

To enable this feature you have to setup "enableautohostbrowsing" parameter to true and setup a reasonable sleep time between queries. I beleive it is set to 24 hours by default.

It will not add the new host to the list automatically .

Thanks,

Tanya

0 Likes
Reply
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.