Windows AD Event Log (2008 R2 - 2012 R2) ^Popular

Check windows event log: Create user account User account on User account off User account password reset Delete user account Unlocked user account + changed domain policy and cleaned security log

Zabbix template for AD replication and security audit ^Popular

Active Directory replication and audit templates. the names of the triggers only in Russian but later will be in English

AD DS Monitoring and Attack Detection ^Popular

Template based on MS document "Best Practices for Securing Active Directory"Items & Triggers A monitored security event pattern has occurred. A replay attack was detected. May be a harmless false positive due to misconfiguration error. System audit ...

AD DS Health and Performance ^Popular

Performance counters DRA Inbound Bytes Total/Sec DRA Inbound Object Updates Remaining in Packet DRA Outbound Bytes Total/Sec DRA Pending Replication Synchronizations Kerberos Authentications/Sec LDAP Bind Time LDAP Client Sessions LDAP Searches/ ...

Netlogon Elevation of Privilege Vulnerability (CVE-2020...

 Zabbix Template to monitor for Windows Event Viewer event's related to Netlogon Elevation of Privilege Vulnerability - CVE-2020-1472. Monitors event ID's 5827, 5828 & 5829.https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1 ...

LDAP Sync with Active Directory using pure Linux bash

zabbix-ldap-sync-bash This is a pure bash-script for syncing a Actice-Directory Group via LDAP with a Zabbix-Group. Pure Bash Skript for Linux LDAP and LDAPS Support (ignoring SSL possible) Zabbix API via http / https (ignoring SLL per default) Zab ...