Home Directory Plugins Security Security_Group_Changes

Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

Directory Tree

Security_Group_Changes

Rating
0 votes
Favoured:
0
Current Version
2.0
Last Release Date
2018-03-08
Compatible With
  • Nagios 4.x
  • Nagios XI
Owner
License
GPL
Hits
10576
Files:
FileDescription
groupchanges.vbsCheck Script
Network Monitoring Software - Download Nagios XI
Log Management Software - Nagios Log Server - Download
Netflow Analysis Software - Nagios Network Analyzer - Download
This plugin checks the windows security log for any changes to group membership. Change events are spooled and reported one at a time.
This plugin checks the security log for any changes to group membership. If detected it will spool the results in a text file in the same directory as the script. This also holds the last date/time run stamp (critical to making this run quicker). Security Auditing must be turned on. this will work on Active Directories (where I use it the most). This should work for any windows machine from 2000 to 2012 R2+. The -k keyword is overloaded and will build an array off multiple values. An Example of how I use this:
groupcheck.vbs -k "Domain Admins" -k "Administrators" -k "Enterprise Admins"
*** updated 2018-03-18
Changed to write the date / spool file all at once.
added remote host check option (-h)
-h defaults to the localhost unless specified
Please let me know if this was helpful or if it does not work. Use at your own risk!