In search of a solution that allows me to start and stop the various services the Netwrix Auditor Server uses, I came up with this script.
This script will query all your systems (or subset of them) for what sessions are currently open, along with their status. This can help you enforce login policies.
This script allows you to find out which admin accounts were used in the last 7 days. This allows you to identify any potential misuse or abuse.
This script will help you find out what accounts in your environment logged bad login attempts in the last day so you can further investigate.
This script will help you identify which groups have recently been updated in your Active Directory environment so you can investigate.
Need to know whose accounts recently changed their password in the last 7 days or otherwise? This script will help you find out.
As part of a healthy security strategy, its a good idea to keep tabs on account modifications in your environment. This script helps you accomplish that.
This script allows you to find out what users were created in your Active Directory environment in the last 24 hours. You can further customize to your environment.
This script will help you audit your deployment of Lithnet's IdleLogoff tool and what users are currently logged in.
This script will allow you to clear the event archives that build in a windows server if you have archiving enabled in your event logs.