Management Pack für Microsoft Advanced Threat Analytics 1.7
Dies ist das Management Pack für Advanced Threat Analytics 1.7. Dieses Management Pack enthält alle Klassen, Ansichten, Monitore und Ermittlungen für ATA 1.7.
| DisplayName | ID | Base Class | Abstract | Hosted | Singleton | Group | Extension | Accessibility | |
|---|---|---|---|---|---|---|---|---|---|
 | Advanced Threat Analytics 1.7 Center | Microsoft.AdvancedThreatAnalytics.1_7.Center | Microsoft.Windows.ComputerRole | False | True | False | False | False | Public |
 | Advanced Threat Analytics 1.7-Gatewaycontainer | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | Microsoft.AdvancedThreatAnalytics.ServiceComponent | False | False | False | False | False | Public |
 | Advanced Threat Analytics 1.7-Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Database | System.Database | False | True | False | False | False | Public |
 | Advanced Threat Analytics 1.7-Gateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | Microsoft.Windows.ComputerRole | True | True | False | False | False | Public |
 | Advanced Threat Analytics 1.7-Lightweight-Gateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.LightWeight | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | False | True | False | False | False | Public |
 | Eigenständiges Advanced Threat Analytics 1.7-Gateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | False | True | False | False | False | Public |
 | Advanced Threat Analytics 1.7-Instanzengruppen | Microsoft.AdvancedThreatAnalytics.1_7.InstancesGroup | Microsoft.SystemCenter.InstanceGroup | False | False | True | True | False | Public |
 | Advanced Threat Analytics 1.7-Seedingklasse | Microsoft.AdvancedThreatAnalytics.1_7.Seed | Microsoft.Windows.LocalApplication | False | True | False | False | False | Public |
 | Advanced Threat Analytics 1.7-Servergruppe | Microsoft.AdvancedThreatAnalytics.1_7.ServersGroup | Microsoft.SystemCenter.ComputerGroup | False | False | True | True | False | Public |
 | Advanced Threat Analytics 1.7-Dienst | Microsoft.AdvancedThreatAnalytics.1_7.Service | Microsoft.AdvancedThreatAnalytics.ServiceComponent | False | False | False | False | False | Public |
| Advanced Threat Analytics 1.7-Dienstgruppe | Microsoft.AdvancedThreatAnalytics.1_7.ServiceGroup | Microsoft.SystemCenter.InstanceGroup | False | False | True | True | False | Public |
| DisplayName | ID | Source | Target | Accessibility | Abstract | |
|---|---|---|---|---|---|---|
 | Microsoft Advanced Threat Analytics 1.7 Center hostet 1.7-Datenbank. | Microsoft.AdvancedThreatAnalytics.1_7.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_7.Database | Microsoft.AdvancedThreatAnalytics.1_7.Center | Microsoft.AdvancedThreatAnalytics.1_7.Database | Public | False |
| Advanced Threat Analytics 1.7-Container (Gateway) enthält 1.7-Lightweight-Gateway. | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.LightWeight | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.LightWeight | Public | False |
| Advanced Threat Analytics 1.7-Container (Gateway) enthält eigenständiges 1.7-Gateway. | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone | Public | False |
| Advanced Threat Analytics 1.7-Dienst enthält 1.7 Center. | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Center | Microsoft.AdvancedThreatAnalytics.1_7.Service | Microsoft.AdvancedThreatAnalytics.1_7.Center | Public | False |
| Advanced Threat Analytics 1.7-Dienst enthält 1.7-Container (Gateway). | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | Microsoft.AdvancedThreatAnalytics.1_7.Service | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | Public | False |
| Advanced Threat Analytics-Container enthält 1.7-Dienst | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_7.Service | Microsoft.AdvancedThreatAnalytics.Container | Microsoft.AdvancedThreatAnalytics.1_7.Service | Public | False |
| DisplayName | ID | Isolation | Accessibility | |
|---|---|---|---|---|
 | Datenquelle für die Center-Ermittlung | Microsoft.AdvancedThreatAnalytics.1_7.Center.Discovery.DataSource | Any | Internal |
| Datenquelle für die Distributed Application-Ermittlung | Microsoft.AdvancedThreatAnalytics.1_7.DistributedApplication.Discovery.DataSource | Any | Internal |
| Datenquelle für die Gatewayermittlung | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Discovery.DataSource | Any | Internal |
| ATA-Protokolldateianbieter | Microsoft.AdvancedThreatAnalytics.LogFileProvider | Any | Internal |
| ID | Target | |
|---|---|---|
 | Microsoft.AdvancedThreatAnalytics.1_7.Center.ATAConsole.Task.Category | Microsoft.AdvancedThreatAnalytics.1_7.Center.ATAConsole.Task |
| Microsoft.AdvancedThreatAnalytics.1_7.Center.Icon.Category | Microsoft.AdvancedThreatAnalytics.Center.Icon |
| Microsoft.AdvancedThreatAnalytics.1_7.Center.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Center.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.Icon.Category | Microsoft.AdvancedThreatAnalytics.Container.Gateway.Icon |
| Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Container.Gateway.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone.Icon.Category | Microsoft.AdvancedThreatAnalytics.Gateway.Standalone.Icon |
| Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Gateway.Standalone.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_7.LightweightGateway.Icon.Category | Microsoft.AdvancedThreatAnalytics.LightweightGateway.Icon |
| Microsoft.AdvancedThreatAnalytics.1_7.LightweightGateway.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.LightweightGateway.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_7.Service.Icon.Category | Microsoft.AdvancedThreatAnalytics.Service.Icon |
| Microsoft.AdvancedThreatAnalytics.1_7.Service.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Service.Small.Icon |
| DisplayName | ID | Target | Enabled | |
|---|---|---|---|---|
 | Center-Ermittlung | Microsoft.AdvancedThreatAnalytics.1_7.Center.Discovery | Microsoft.AdvancedThreatAnalytics.1_7.Seed | True |
| Ermittlung verteilter Anwendungen | Microsoft.AdvancedThreatAnalytics.1_7.DistributedApplication.Discovery | Microsoft.SystemCenter.AllManagementServersPool | True |
| Gatewayermittlung | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Discovery | Microsoft.AdvancedThreatAnalytics.1_7.Seed | True |
| Instanzgruppenermittlung | Microsoft.AdvancedThreatAnalytics.1_7.InstancesGroup.Discovery | Microsoft.AdvancedThreatAnalytics.1_7.InstancesGroup | True |
| Seedermittlung | Microsoft.AdvancedThreatAnalytics.1_7.Seed.Discovery | Microsoft.Windows.Server.OperatingSystem | True |
| Servergruppenermittlung | Microsoft.AdvancedThreatAnalytics.1_7.ServersGroup.Discovery | Microsoft.AdvancedThreatAnalytics.1_7.ServersGroup | True |
| Dienstgruppenermittlung | Microsoft.AdvancedThreatAnalytics.1_7.ServiceGroup.Discovery | Microsoft.AdvancedThreatAnalytics.1_7.ServiceGroup | True |
| DisplayName | ID | Target | Algorithm | Source Monitor | Relationship | Category | Enabled | Alert Generate | Accessibility | |
|---|---|---|---|---|---|---|---|---|---|---|
 | Rollupmonitor zur Center-Verfügbarkeit | Microsoft.AdvancedThreatAnalytics.1_7.Center.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Center | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_7.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_7.Database | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Center-Konfiguration | Microsoft.AdvancedThreatAnalytics.1_7.Center.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Center | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_7.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_7.Database | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Center-Leistung | Microsoft.AdvancedThreatAnalytics.1_7.Center.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Center | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_7.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_7.Database | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Center-Sicherheit | Microsoft.AdvancedThreatAnalytics.1_7.Center.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Center | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_7.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_7.Database | SecurityHealth | True | False | Public |
| Rollupmonitor zur Verfügbarkeit des Gateways (Lightweight) | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.LightWeight.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.LightWeight | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Konfiguration des Gateways (Lightweight) | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.LightWeight.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.LightWeight | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Leistung des Gateways (Lightweight) | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.LightWeight.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.LightWeight | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Sicherheit des Gateways (Lightweight) | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.LightWeight.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.LightWeight | SecurityHealth | True | False | Public |
| Rollupmonitor zur Verfügbarkeit des Gateways (eigenständig) | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.Standalone.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Konfiguration des Gateways (eigenständig) | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.Standalone.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Leistung des Gateways (eigenständig) | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.Standalone.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Sicherheit des Gateways (eigenständig) | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.Standalone.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone | SecurityHealth | True | False | Public |
| Rollupmonitor zur Verfügbarkeit des Diensts (Center) | Microsoft.AdvancedThreatAnalytics.1_7.Service.Center.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Service | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Center | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Konfiguration des Diensts (Center) | Microsoft.AdvancedThreatAnalytics.1_7.Service.Center.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Service | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Center | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Leistung des Diensts (Center) | Microsoft.AdvancedThreatAnalytics.1_7.Service.Center.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Service | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Sicherheit des Diensts (Center) | Microsoft.AdvancedThreatAnalytics.1_7.Service.Center.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Service | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | True | False | Public |
| Rollupmonitor zur Verfügbarkeit des Diensts (Gateway) | Microsoft.AdvancedThreatAnalytics.1_7.Service.Gateway.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Service | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Konfiguration des Diensts (Gateway) | Microsoft.AdvancedThreatAnalytics.1_7.Service.Gateway.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Service | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Leistung des Diensts (Gateway) | Microsoft.AdvancedThreatAnalytics.1_7.Service.Gateway.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Service | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Sicherheit des Diensts (Gateway) | Microsoft.AdvancedThreatAnalytics.1_7.Service.Gateway.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_7.Service | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_7.Service.contains.Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | SecurityHealth | True | False | Public |
| Rollupmonitor zur Stammverfügbarkeit | Microsoft.AdvancedThreatAnalytics.Container.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_7.Service | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Stammkonfiguration | Microsoft.AdvancedThreatAnalytics.Container.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_7.Service | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Stammleistung | Microsoft.AdvancedThreatAnalytics.Container.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_7.Service | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Stammsicherheit | Microsoft.AdvancedThreatAnalytics.Container.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_7.Service | SecurityHealth | True | False | Public |
| DisplayName | ID | Target | Category | Enabled | Alert Generate | Accessibility | |
|---|---|---|---|---|---|---|---|
 | Monitor für ATA Center-Dienst | Microsoft.AdvancedThreatAnalytics.1_7.Center.ATACenter | Microsoft.AdvancedThreatAnalytics.1_7.Center | AvailabilityHealth | True | True | Public |
| AtSVC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseAtSvcBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| DirectoryServicesActivity-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseDirectoryServicesActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| DNS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseDnsBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| DRSR-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseDrsrBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| KerberosAP-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseKerberosApBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| KerberosAS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseKerberosAsBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| KerberosTGS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseKerberosTgsBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| LDAP-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseLdapBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| LsaRPC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseLsaRpcBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| Netlogon-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseNetlogonBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| NTLM-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseNtlmBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| NTLMEvent-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseNtlmEventBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| SAMR-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseSamrBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| ServiceControl-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseServiceControlBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| SMB-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseSmbBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| SrvSVC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseSrvSvcBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| TaskScheduler-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseTaskSchedulerBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| Blockgröße für EntityProfiler-Netzwerkaktivität | Microsoft.AdvancedThreatAnalytics.1_7.Center.EntityProfilerNetworkActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| Blockgröße für EntityReceiver-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_7.Center.EntityReceiverEntityBatchBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| Blockgröße für NetworkActivityProcessor-Netzwerkaktivität | Microsoft.AdvancedThreatAnalytics.1_7.Center.NetworkActivityProcessorNetworkActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True | Public |
| MongoDB-Dienstmonitor | Microsoft.AdvancedThreatAnalytics.1_7.Database.MongoDB | Microsoft.AdvancedThreatAnalytics.1_7.Database | AvailabilityHealth | True | True | Public |
| Monitor für ATA-Gatewaydienst | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.ATAGateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True | Public |
| Monitor für ATA-Gateway-Updater-Dienst | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.ATAGatewayUpdater | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True | Public |
| Blockgröße für EntityResolver-Aktivität | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.EntityResolverActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceHealth | True | True | Public |
| Blockgröße für EntitySender-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.EntitySenderEntityBatchBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceHealth | True | True | Public |
| Sendezeit für EntitySender-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.EntitySenderEntityBatchSendTime.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceHealth | True | True | Public |
| Blockgröße 0 für NetworkActivityTranslator-Nachrichtendaten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkActivityTranslatorMessageData0BlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceHealth | True | True | Public |
| Blockgröße 1 für NetworkActivityTranslator-Nachrichtendaten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkActivityTranslatorMessageData1BlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceHealth | True | True | Public |
| Blockgröße 2 für NetworkActivityTranslator-Nachrichtendaten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkActivityTranslatorMessageData2BlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceHealth | True | True | Public |
| NetworkListener-ETW-Löschereignisse/Sek. | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkListenerETWDroppedEventsSec.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceHealth | True | True | Public |
| NetworkListener-PEF-Löschereignisse/Sek. | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkListenerPEFDroppedEventsSec.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceHealth | True | True | Public |
| DisplayName | ID | Target | Category | Enabled | Alert Generate | |
|---|---|---|---|---|---|---|
 | Regel für verdächtige Aktivität durch ungewöhnliches Verhalten | Microsoft.AdvancedThreatAnalytics.1_7.Center.AbnormalBehaviorSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität durch ungewöhnlichen SMB | Microsoft.AdvancedThreatAnalytics.1_7.Center.AbnormalSmbSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität durch Kontoenumeration | Microsoft.AdvancedThreatAnalytics.1_7.Center.AccountEnumerationSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität durch Brute-Force-Angriff | Microsoft.AdvancedThreatAnalytics.1_7.Center.BruteForceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Warnungsregel für die Überwachung des verfügbaren Speicherplatzes auf dem Datenlaufwerk der Center-Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.CenterDatabaseDataDriveFreeSpaceMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | AvailabilityHealth | True | True |
| Warnungsregel für die Überwachung auf Center-Überladung | Microsoft.AdvancedThreatAnalytics.1_7.Center.CenterOverloadedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True |
| Warnungsregel für die Überwachung auf Zertifikatsablauf | Microsoft.AdvancedThreatAnalytics.1_7.Center.CertificateExpiryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | ConfigurationHealth | True | True |
| Regel für verdächtige Aktivität durch Fehler bei der Vorauthentifizierung des Computers | Microsoft.AdvancedThreatAnalytics.1_7.Center.ComputerPreauthenticationFailedSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| AtSVC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseAtSvcBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| DirectoryServicesActivity-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseDirectoryServicesActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| Warnungsregel für die Überwachung auf getrennte Datenbankverbindungen | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseDisconnectedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | AvailabilityHealth | True | True |
| DNS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseDnsBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| DRSR-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseDrsrBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| KerberosAP-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseKerberosApBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| KerberosAS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseKerberosAsBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| KerberosTGS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseKerberosTgsBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| LDAP-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseLdapBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| LsaRPC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseLsaRpcBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| Netlogon-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseNetlogonBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| NTLM-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseNtlmBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| NTLMEvent-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseNtlmEventBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| ServiceControl-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseServiceControlBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| SMB-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseSmbBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| SrvSVC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseSrvSvcBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| TaskScheduler-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_7.Center.DatabaseTaskSchedulerBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| Warnungsregel für die Überwachung auf Kennwortablauf für das Clientkonto der Verzeichnisdienste | Microsoft.AdvancedThreatAnalytics.1_7.Center.DirectoryServicesClientAccountPasswordExpiryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | ConfigurationHealth | True | True |
| Regel für verdächtige Aktivität bei der Replikation der Verzeichnisdienste | Microsoft.AdvancedThreatAnalytics.1_7.Center.DirectoryServicesReplicationSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität durch DNS-Reconnaissance | Microsoft.AdvancedThreatAnalytics.1_7.Center.DnsReconnaissanceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Warnungsregel für die Überwachung auf nicht zugewiesenen Domänensynchronizer | Microsoft.AdvancedThreatAnalytics.1_7.Center.DomainSynchronizerNotAssignedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | ConfigurationHealth | True | True |
| Regel für verdächtige Aktivität zur Herabstufung der Verschlüsselung | Microsoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität zur Herabstufung der Verschlüsselung (Golden Ticket) | Microsoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_GoldenTicket | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität zur Herabstufung der Verschlüsselung (Overpass-the-Hash) | Microsoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_OverpasstheHash | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität zur Herabstufung der Verschlüsselung (Skeleton Key) | Microsoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_SkeletonKey | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Blockgröße für EntityProfiler-Netzwerkaktivität | Microsoft.AdvancedThreatAnalytics.1_7.Center.EntityProfilerNetworkActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| Blockgröße für EntityReceiver-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_7.Center.EntityReceiverEntityBatchBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| Regel für verdächtige Aktivität durch Sitzungsenumeration | Microsoft.AdvancedThreatAnalytics.1_7.Center.EnumerateSessionsSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität durch gefälschtes PAC | Microsoft.AdvancedThreatAnalytics.1_7.Center.ForgedPacSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Warnungsregel für die Überwachung auf Fehler beim Netzwerkdatenerfassungs-Adapter des Gateways | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewayCaptureNetworkAdapterFaultedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | AvailabilityHealth | True | True |
| Warnungsregel für die Überwachung auf das Fehlen eines Netzwerkdatenerfassungs-Adapters auf dem Gateway | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewayCaptureNetworkAdapterMissingMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | ConfigurationHealth | True | True |
| Warnungsregel für die Überwachung der Clientkonnektivität der Gatewayverzeichnisdienste | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewayDirectoryServicesClientConnectivityMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | AvailabilityHealth | True | True |
| Warnungsregel für die Überwachung auf getrennte Gatewayverbindungen | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewayDisconnectedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | AvailabilityHealth | True | True |
| Warnungsregel für die Überwachung auf unzureichenden Gatewayarbeitsspeicher | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewayLowMemoryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True |
| Warnungsregel für die Überwachung auf nicht vom Gateway erhaltenen Datenverkehr | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewayNotReceivingTrafficMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | AvailabilityHealth | True | True |
| Warnungsregel für die Überwachung von Ereignisaktivitäten aufgrund von Gatewayüberladung | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewayOverloadedEventActivitiesMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True |
| Warnungsregel für die Überwachung von Netzwerkaktivitäten aufgrund von Gatewayüberladung | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewayOverloadedNetworkActivitiesMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceHealth | True | True |
| Warnungsregel für die Überwachung auf veraltete Gateways | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewaysOutdatedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | ConfigurationHealth | True | True |
| Warnungsregel für die Überwachung auf Fehler beim Gatewaystart | Microsoft.AdvancedThreatAnalytics.1_7.Center.GatewayStartFailureMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | AvailabilityHealth | True | True |
| Regel für verdächtige Aktivität durch Honeytokenaktivität | Microsoft.AdvancedThreatAnalytics.1_7.Center.HoneytokenActivitySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität durch LDAP-Klartextkennwort bei einfacher Bindung | Microsoft.AdvancedThreatAnalytics.1_7.Center.LdapSimpleBindCleartextPasswordSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Warnungsregel für die Überwachung von E-Mail | Microsoft.AdvancedThreatAnalytics.1_7.Center.MailMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | ConfigurationHealth | True | True |
| Regel für verdächtige Aktivität durch umfangreiche Objektlöschungen | Microsoft.AdvancedThreatAnalytics.1_7.Center.MassiveObjectDeletionSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Blockgröße für NetworkActivityProcessor-Netzwerkaktivität | Microsoft.AdvancedThreatAnalytics.1_7.Center.NetworkActivityProcessorNetworkActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Center | PerformanceCollection | True | False |
| Regel für verdächtige Aktivität durch Pass-the-Hash | Microsoft.AdvancedThreatAnalytics.1_7.Center.PassTheHashSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität durch Pass-the-Ticket | Microsoft.AdvancedThreatAnalytics.1_7.Center.PassTheTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität durch Remoteausführung | Microsoft.AdvancedThreatAnalytics.1_7.Center.RemoteExecutionSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität beim Abrufen des Datenschutz-Sicherungsschlüssels | Microsoft.AdvancedThreatAnalytics.1_7.Center.RetrieveDataProtectionBackupKeySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Regel für verdächtige Aktivität durch SAMR-Reconnaissance | Microsoft.AdvancedThreatAnalytics.1_7.Center.SamrReconnaissanceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_7.Center | SecurityHealth | False | True |
| Warnungsregel für die Syslog-Überwachung | Microsoft.AdvancedThreatAnalytics.1_7.Center.SyslogMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_7.Center | ConfigurationHealth | True | True |
| ATA-Gateway konnte sich nicht beim Domänencontroller authentifizieren | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.ActiveDirectoryAuthenticationFailure | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| Indikatoren sind möglicherweise in der Registrierung deaktiviert | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.CountersDisabled | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| Blockgröße für EntityResolver-Aktivität | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.EntityResolverActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| Blockgröße für EntitySender-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.EntitySenderEntityBatchBlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| Sendezeit für EntitySender-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.EntitySenderEntityBatchSendTime | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| ATA-Gateway konnte sich nicht bei Center authentifizieren | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.FailedToAuthenticateAgainstCenter | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte keine Verbindung mit ATA Center herstellen | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.FailedToEstablishConnectionToCenter | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte die SIEM-Syslog-Nachricht nicht analysieren | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.FailedToParseSyslog | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte den Domänencontroller nicht über das LDAP-Protokoll abfragen | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.FailedToQueryDCUsingLDAPProtocol | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte die Konfiguration nicht von ATA Center synchronisieren | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.FailedToSynchronizeConfigurationFromCenter | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte die Center-Zertifikatkette nicht überprüfen | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.FailedToValidateCenterCertificateChain | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway besitzt nicht genügend Arbeitsspeicher | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.GatewayDoesNotHaveEnoughMemory | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| Maximale Größe des zugesicherten Arbeitsspeichers für GatewayUpdaterResourceManager | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.GatewayUpdaterResourceManagerCommitMemoryMaxSize | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| Max. CPU-Zeit für GatewayUpdaterResourceManager in \% | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.GatewayUpdaterResourceManagerCPUTimeMax_ | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| Größe des Grenzwerts für den GatewayUpdaterResourceManager-Arbeitssatz | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.GatewayUpdaterResourceManagerWorkingSetLimitSize | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| Ein Hosteintrag in der HOSTS-Datei verweist auf den Kurznamen des Computers | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.HostEntryInHOSTSFile | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| Nachrichtenanalyse ist auf dem ATA-Gateway installiert | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.MessageAnalyzerIsInstalledOnGateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| Blockgröße 0 für NetworkActivityTranslator-Nachrichtendaten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkActivityTranslatorMessageData0BlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| Blockgröße 1 für NetworkActivityTranslator-Nachrichtendaten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkActivityTranslatorMessageData1BlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| Blockgröße 2 für NetworkActivityTranslator-Nachrichtendaten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkActivityTranslatorMessageData2BlockSize | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| NetworkListener-ETW-Löschereignisse/Sek. | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkListenerETWDroppedEvents_Sec | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| NetworkListener-PEF-Löschereignisse/Sek. | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkListenerPEFDroppedEvents_Sec | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| Analysierte NetworkListener-PEF-Nachrichten/Sek. | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.NetworkListenerPEFParsedMessages_Sec | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | PerformanceCollection | True | False |
| Auf Ihrem Computer stehen noch weitere Installationen aus | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.OtherPendingInstallations | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| PEF (Nachrichtenanalyse) wurde nicht ordnungsgemäß installiert | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.PEFWasNotInstalledCorrectly | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| PIDs waren für Prozessnamen im ATA-Gateway aktiviert | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.PIDsWasEnabledForProcessNamesInGateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | AvailabilityHealth | True | True |
| DisplayName | ID | Target | Accessibility | Category | Enabled | |
|---|---|---|---|---|---|---|
 | ATACenter-Dienst neu starten | Microsoft.AdvancedThreatAnalytics.1_7.Center.ATACenter.Restart | Microsoft.AdvancedThreatAnalytics.1_7.Center | Internal | Maintenance | True |
| ATACenter-Dienst starten | Microsoft.AdvancedThreatAnalytics.1_7.Center.ATACenter.Start | Microsoft.AdvancedThreatAnalytics.1_7.Center | Internal | Maintenance | True |
| ATACenter-Dienst beenden | Microsoft.AdvancedThreatAnalytics.1_7.Center.ATACenter.Stop | Microsoft.AdvancedThreatAnalytics.1_7.Center | Internal | Maintenance | True |
| MongoDB-Dienst neu starten | Microsoft.AdvancedThreatAnalytics.1_7.Database.MongoDB.Restart | Microsoft.AdvancedThreatAnalytics.1_7.Database | Internal | Maintenance | True |
| MongoDB-Dienst starten | Microsoft.AdvancedThreatAnalytics.1_7.Database.MongoDB.Start | Microsoft.AdvancedThreatAnalytics.1_7.Database | Internal | Maintenance | True |
| MongoDB-Dienst beenden | Microsoft.AdvancedThreatAnalytics.1_7.Database.MongoDB.Stop | Microsoft.AdvancedThreatAnalytics.1_7.Database | Internal | Maintenance | True |
| ATAGateway-Dienst neu starten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.ATAGateway.Restart | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | Internal | Maintenance | True |
| ATAGateway-Dienst starten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.ATAGateway.Start | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | Internal | Maintenance | True |
| ATAGateway-Dienst beenden | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.ATAGateway.Stop | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | Internal | Maintenance | True |
| ATAGatewayUpdater-Dienst neu starten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.ATAGatewayUpdater.Restart | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | Internal | Maintenance | True |
| ATAGatewayUpdater-Dienst starten | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.ATAGatewayUpdater.Start | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | Internal | Maintenance | True |
| ATAGatewayUpdater-Dienst beenden | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.ATAGatewayUpdater.Stop | Microsoft.AdvancedThreatAnalytics.1_7.Gateway | Internal | Maintenance | True |
| DisplayName | ID | Target | Accessibility | Enabled | |
|---|---|---|---|---|---|
 | ATA Center-Konsolentask öffnen | Microsoft.AdvancedThreatAnalytics.1_7.Center.ATAConsole.Task | Microsoft.AdvancedThreatAnalytics.1_7.Center | Internal | True |
| ID | FolderName | ElementID | |
|---|---|---|---|
 | Microsoft.AdvancedThreatAnalytics.1_7.Center.SecurityAlerts.FolderItem | Microsoft.AdvancedThreatAnalytics.1_7.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_7.Center.SecurityAlerts |
| Microsoft.AdvancedThreatAnalytics.1_7.HealthAlerts.FolderItem | Microsoft.AdvancedThreatAnalytics.1_7.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_7.HealthAlerts |
| Microsoft.AdvancedThreatAnalytics.1_7.PerformanceAlerts.FolderItem | Microsoft.AdvancedThreatAnalytics.1_7.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_7.PerformanceAlerts |
| Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.FolderItem | Microsoft.AdvancedThreatAnalytics.1_7.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid |
| DisplayName | ID | ParentFolder | Accessibility | |
|---|---|---|---|---|
| Advanced Threat Analytics 1.7 | Microsoft.AdvancedThreatAnalytics.1_7.Folder.Root | Microsoft.AdvancedThreatAnalytics.Folder.Root | Public |
| DisplayName | ID | ImageID | |
|---|---|---|---|
 | Advanced Threat Analytics 1.7 Center | Microsoft.AdvancedThreatAnalytics.1_7.Center | Microsoft.AdvancedThreatAnalytics.Center.Small.Icon |
| Advanced Threat Analytics 1.7-Gatewaycontainer | Microsoft.AdvancedThreatAnalytics.1_7.Container.Gateway | Microsoft.AdvancedThreatAnalytics.Container.Gateway.Small.Icon |
| Advanced Threat Analytics 1.7-Lightweight-Gateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.LightWeight | Microsoft.AdvancedThreatAnalytics.LightweightGateway.Small.Icon |
| Eigenständiges Advanced Threat Analytics 1.7-Gateway | Microsoft.AdvancedThreatAnalytics.1_7.Gateway.Standalone | Microsoft.AdvancedThreatAnalytics.Gateway.Standalone.Small.Icon |
| Advanced Threat Analytics 1.7-Dienst | Microsoft.AdvancedThreatAnalytics.1_7.Service | Microsoft.AdvancedThreatAnalytics.Service.Small.Icon |
| DisplayName | ID | Target | Type | Accessibility | Visible | |
|---|---|---|---|---|---|---|
 | Sicherheitswarnungen | Microsoft.AdvancedThreatAnalytics.1_7.Center.SecurityAlerts | Microsoft.AdvancedThreatAnalytics.1_7.Center | Microsoft.SystemCenter.AlertViewType | Internal | True |
| Integritätswarnungen | Microsoft.AdvancedThreatAnalytics.1_7.HealthAlerts | Microsoft.AdvancedThreatAnalytics.1_7.InstancesGroup | Microsoft.SystemCenter.AlertViewType | Public | True |
| Leistungswarnungen | Microsoft.AdvancedThreatAnalytics.1_7.PerformanceAlerts | Microsoft.AdvancedThreatAnalytics.1_7.InstancesGroup | Microsoft.SystemCenter.AlertViewType | Public | True |
| ID | Type | Platform | Target | Accessibility | |
|---|---|---|---|---|---|
 | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Center.Implementation | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Center | Wpf, Silverlight | Public | |
| Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Details.Implementation | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Details | Wpf, Silverlight | Public | |
| Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Gateway.Implementation | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Gateway | Wpf, Silverlight | Public | |
| Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Implementation | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid | Wpf, Silverlight | Public |
| ID | Type | Parent | Accessibility | |
|---|---|---|---|---|
| Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Center.Reference | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Center | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid | Public |
| Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Details.Reference | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Details | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid | Public |
| Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Gateway.Reference | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Gateway | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid | Public |
| Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Reference | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid | Microsoft.AdvancedThreatAnalytics.1_7.Folder.Root | Public |
| DisplayName | ID | Accessibility | |
|---|---|---|---|
| Integritätsstatus | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid | Public |
| Integritätszustand – Center | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Center | Public |
| Integritätszustand – Details | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Details | Public |
| Integritätszustand – Gateway | Microsoft.AdvancedThreatAnalytics.1_7.StateGrid.Gateway | Public |
Home
DEU 
Show Management Pack References