6 docs tagged with "Accounts"

This ticket template is used to manage the CW Manage ticket generation settings for the Excessive Logon Attempts Alert Condition

Detects and summarizes failed logon attempts (Event ID 4625) from the Windows Security event log within a specified time window.

The condition runs the automation once per hour and generates a ticket with the script’s results if any monitored event log is detected.

This will Detect and summarize failed logon attempts (Event ID 4625) from the Windows Security event log within a specified time window.

Exports a detailed report of all domain users to a CSV file from a Windows Domain Controller. (Path: C:\ProgramData\_Automation\Script\Get-DomainUsers\DomainUsers.csv)

This dataview provides insights into newly created accounts, including details about the creator, account type, and logon status. It is essential for auditing account creation on servers and helps in monitoring security and compliance.