Registry Keys for Monitoring Active Directory
Review the basic registry keys that you may need to configure for monitoring Active Directory with Netwrix Auditor. Navigate to Start → Run and type "regedit".
| Registry key (REG_DWORD type) | Description / Value |
|---|---|
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Netwrix Auditor\AD Change Reporter | |
|
CleanAutoBackupLogs |
Defines the retention period for the security log backups:
|
|
IgnoreAuditCheckResultError |
Defines whether audit check errors should be displayed in the Activity Summary footer:
|
|
IgnoreRootDCErrors |
Defines whether to display audit check errors for the root domain (when data is collected from a child domain) in the Activity Summary footer:
|
|
LogonResolveOptions |
Defines what will be shown in the Workstation field:
|
|
MonitorModifiedAndRevertedBack
|
Defines whether the Activity Summary must display the attributes whose values were modified and then restored between data collections:
|
|
ShortEmailSubjects
|
Defines whether to contract the email subjects:
|
|
ProcessBackupLogs
|
Defines whether to process security log backups:
NOTE: Even if this key is set to "0", the security log backups will not be deleted regardless of the value of the CleanAutoBackupLogs key. |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Netwrix Auditor\AD Change Reporter\<monitoring plan name> | |
|
CollectLogsMaxThreads |
Defines the number of Domain Controllers to simultaneously start log collection on. |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Netwrix Auditor\Management Console\Database settings | |
|
SqlOperationTimeout |
Defines the timeout for executing SQL queries such as data selection, insertion or deletion (in seconds). |
|
timeout |
Defines the Audit Database connection timeout (in seconds). |