You can configure Windows Servers for monitoring in one of the following ways:
Automatically when creating a monitoring plan
If you select to automatically configure audit in the target environment, your current audit settings will be checked on each data collection and adjusted if necessary.
NOTE: This method is recommended for evaluation purposes in test environments.
For a full list of audit settings required for Netwrix Auditor to collect comprehensive audit data and instructions on how to configure them, refer to Configure IT Infrastructure for Auditing and Monitoring.
- Manually. Perform the following procedures:
- Enable Remote Registry and Windows Management Instrumentation Services
- Configure Windows Registry Audit Settings
- Configure Local Audit and Policies or Configure Advanced Audit Policies
- Configure Event Log Size and Retention Settings
- Configure Windows Firewall Inbound Connection Rules
- Configure DHCP-Server Operational Log
- Configure Removable Storage Media for Monitoring
- Configure Enable Persistent Time Stamp Policy
For Windows Server auditing, also remember to do the following:
- Configure Data Collecting Account, as described Configure Data Collecting Account
- Configure required protocols and ports, as described Protocols and Ports Required for Monitoring Windows Server