The Ultimate Tool for Alerting and Logging in an Active Directory Environment.
May 08, 2023
The Ultimate Tool for Alerting and Logging in an Active Directory Environment.
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with ManageEngine ADAudit Plus
We use ADAudit plus to keep tabs on everything that is happening in AD. Predefined and custom alerts allow for very granular alerting based on the things that matter most to you. Alerts happen in real-time for admin-related and other high-profile tasks that are happening in AD. There is also historical data that can be used for trending or troubleshooting. Reports can be generated for a large number of events. We also use this for file server auditing to see what users deleted, modified, moved, etc. files or folders.
- Alerting on relevant events.
- Report generation for specific scenarios.
- Logging of meaningful data.
- Correlation/Anomalous Activity checks.
- In earlier releases there were quite a few bugs and performance issues. These have since been resolved.
- When integrated with the Log360 Suite, it can be confusing on whether EventLog Analyzer or ADAudit Plus are "managing"/"Ingesting" the data from a given endpoint.
- Improved response to security events.
- Allowed for much greater insight to authorized/unauthorized change.
- Provided confidence in what is happening in Active Directory at all times.
It has drastically improved visibility for AD and File Servers. The Windows Server and Workstation portion we use more of the EventLog Analyzer side for.
It has allowed for much more thorough real-time monitoring of the daily activities that happen in AD. We know when a user/computer/group is modified/added/deleted, a password is changed, an account is added to a privileged group, a GPO is modified/added/deleted, a failed attempt was made to authenticate to a privileged account, a user is locked out, etc. The list goes on and on.
We have been able to set a baseline and watch trending over time to detect odd behavior and intervene when necessary. This often includes behavior that isn't odd in itself, but in the grand scheme of things can simply look "out of place" in comparison to the typical day to day of a user or endpoint.
It has done nothing but improve our security posture. Even with other security/SIEM tools in place, we continue to pay for ADAP as it has added value that no other tools we have used can match.
Yes. The real-time capabilities in particular have been a huge help.
- Sumo Logic, Datadog, Splunk Enterprise, Progress WhatsUp Gold and SolarWinds Server & Application Monitor
ADAudit Plus was the clear winner for us. Price, features, ease of use, etc.
Do you think ManageEngine ADAudit Plus delivers good value for the price?
Yes
Are you happy with ManageEngine ADAudit Plus's feature set?
Yes
Did ManageEngine ADAudit Plus live up to sales and marketing promises?
Yes
Did implementation of ManageEngine ADAudit Plus go as expected?
Yes
Would you buy ManageEngine ADAudit Plus again?
Yes