Kaseya Community

System Log Reports - Windows Security Logs

  • I was wondering if anyone has a good approach for creating reports/dashboard widgets for items in the Kaseya VSA. Items that I am looking to create alerts on include:

    • Domain Account creation
    • File name changes - used to alert if ransomware hits a machine
    • User account lock outs
    • User password failed login attempts
    • domain groups and user in each group

    Looking to make a dashboard with these items. 

  • It would be amazing if someone is able to create such widget.

    tank trouble



    correction
    [edited by: estell2 at 4:24 AM (GMT -7) on Sep 20, 2018]
  • Most of those could be monitored using Event log monitoring.    The first step is figuring out all the event IDs for each and what needs to be turned on each computer to generate those.    You can build Event sets that will alert you.

    For the Domain groups and users, you would probably need a script (Agent Procedure) to get what you need.

    You aren't going to be able to get a dashboard, but you could get notified!

    EDIT:  Sorry, I noticed after posting that this was a BMS question.   BMS has no ability (that I know of) to monitor anything, so it really needs to be done in the VSA.  Please correct me if I am wrong! :)



    BMS Question
    [edited by: Chris Amori at 8:17 AM (GMT -7) on Aug 1, 2018]