Skip to main content

Recommended Configurations for the 6.Activity Job Group

The Active Directory > 6.Activity Job Group has been configured by default to run with the out-of-the-box settings. It can be run directly or scheduled.

Dependencies

  • Successfully execute the .Active Directory Inventory Job Group
  • Netwrix Activity Monitor 4.1+ is archiving AD Activity Logs
  • Successfully execute the Active Directory > 5.Domains Job Group prior to running the Operations Job Group
  • (Optional) Successfully execute the Active Directory Permissions Analyzer > 0.Collection Job Group
  • (Optional) Successfully execute the FileSystem > 0.Collection Job Group

Targeted Host(s)

Netwrix Activity Monitor API Server or the host with the network share housing archived log files.

Connection Profile

Connection Profiles must be set directly on the 0.Collection > AD_ActivityCollection Job in order to connect to either the SAM API Server or the host with the network share housing the archived log files.

Access Token

Required for SAM API Server integration for the 0.Collection > AD_ActivityCollection Job.

Scheduling Frequency

This group can be scheduled to run as desired.

RECOMMENDED: Run from the 6.Activity Job Group level in order to correlate 0.Collection job group data with other jobs.

History Retention

History is not supported. Turning on history will cause issues with data analysis and reporting.

Multi-Console Support

Multiple Access Analyzer Consoles are not supported. This group should be run from a single Access Analyzer Console.

Workflow

Step 1 – Successfully run the .Active Directory Inventory Job Group.

Step 2 – Setup integration between the Netwrix Activity Monitor and Access Analyzer by using either an API Server or the network share where the archived log files are located.

Step 3 – Ensure Activity Monitor logs are archived.

Step 4 – Configure the Connection Profiles to connect successfully to the Netwrix Activity Monitor API Server or the host with the network share housing the archived log files.

Step 5 – Configure the AD_ActivityCollection Job Query.

Step 6 – Run the jobs as desired.

Step 7 – Run from the 6.Activity Job Group level in order to correlate 0.Collection job group data with other jobs.

Step 8 – Review the reports generated by the jobs.

See the Active Directory Solution topic for additional information.