Navigation:  Monitoring with EventSentry >

Compliance Tracking

The Compliance Tracking features intercept mostly security-related information from the Security event log, normalize the data and collect it in the EventSentry database. These feature are not only useful when you need to comply with federal regulations, but also for general troubleshooting, statistics and easier access to a wealth of security-related data.

Overview

Currently the following tracking features are supported:

Applying Tracking Packages

To apply a tracking package, right-click the package and select "Assign". In the resulting dialog select a group or computer to apply the package to.

Creating and Deleting Tracking Packages

To create a new tracking package right-click the Tracking Packages container and select Add Package or right-click a tracking package and select Add.

To delete a tracking package, right-click the package and select delete. All tracking objects contained in the tracking package will also be deleted.

Adding/Removing tracking objects to a Tracking Package

A tracking package consists of one or more tracking objects, whereas every tracking feature (process tracking, logon tracking and print tracking) is a tracking object that can be added to a tracking package.

To add a tracking object to a tracking package, right-click the tracking package and select the desired tracking object from the Add submenu:

The new tracking object will appear under the tracking package with a blue wheel icon associated with it. Please note that you cannot add more than one tracking object of the same type to the same tracking package. For example, you cannot add two Process Monitoring objects to the same tracking object.

To remove a a tracking monitoring object, right-click the tracking object and select Remove this object.