Management Pack für Microsoft Advanced Threat Analytics 1.8
Dies ist das Management Pack für Advanced Threat Analytics 1.8. Dieses Management Pack enthält alle Klassen, Ansichten, Monitore und Ermittlungen für ATA 1.8.
| DisplayName | ID | Base Class | Abstract | Hosted | Singleton | Group | Extension | Accessibility | |
|---|---|---|---|---|---|---|---|---|---|
 | Advanced Threat Analytics 1.8 Center | Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.Windows.ComputerRole | False | True | False | False | False | Public |
 | Advanced Threat Analytics 1.8-Gatewaycontainer | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.ServiceComponent | False | False | False | False | False | Public |
 | Advanced Threat Analytics 1.8-Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Database | System.Database | False | True | False | False | False | Public |
 | Advanced Threat Analytics 1.8-Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Microsoft.Windows.ComputerRole | True | True | False | False | False | Public |
 | Advanced Threat Analytics 1.8-Lightweight-Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | False | True | False | False | False | Public |
 | Eigenständiges Advanced Threat Analytics 1.8-Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | False | True | False | False | False | Public |
 | Advanced Threat Analytics 1.8-Instanzengruppen | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup | Microsoft.SystemCenter.InstanceGroup | False | False | True | True | False | Public |
 | Advanced Threat Analytics 1.8-Seedingklasse | Microsoft.AdvancedThreatAnalytics.1_8.Seed | Microsoft.Windows.LocalApplication | False | True | False | False | False | Public |
 | Advanced Threat Analytics 1.8-Servergruppe | Microsoft.AdvancedThreatAnalytics.1_8.ServersGroup | Microsoft.SystemCenter.ComputerGroup | False | False | True | True | False | Public |
 | Advanced Threat Analytics 1.8-Dienst | Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.ServiceComponent | False | False | False | False | False | Public |
| Advanced Threat Analytics 1.8-Dienstgruppe | Microsoft.AdvancedThreatAnalytics.1_8.ServiceGroup | Microsoft.SystemCenter.InstanceGroup | False | False | True | True | False | Public |
| DisplayName | ID | Source | Target | Accessibility | Abstract | |
|---|---|---|---|---|---|---|
 | Microsoft Advanced Threat Analytics 1.8 Center hostet 1.8-Datenbank. | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.AdvancedThreatAnalytics.1_8.Database | Public | False |
| Advanced Threat Analytics 1.8-Container (Gateway) enthält 1.8-Lightweight-Gateway. | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | Public | False |
| Advanced Threat Analytics 1.8-Container (Gateway) enthält eigenständiges 1.8-Gateway. | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | Public | False |
| Advanced Threat Analytics 1.8-Dienst enthält 1.8 Center. | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.1_8.Center | Public | False |
| Advanced Threat Analytics 1.8-Dienst enthält 1.8-Container (Gateway). | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Public | False |
| Advanced Threat Analytics-Container enthält 1.8-Dienst | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.Container | Microsoft.AdvancedThreatAnalytics.1_8.Service | Public | False |
| DisplayName | ID | Isolation | Accessibility | |
|---|---|---|---|---|
 | Datenquelle für die Advanced Threat Analytics 1.8 Center-Ermittlung | Microsoft.AdvancedThreatAnalytics.1_8.Center.Discovery.DataSource | Any | Internal |
| Datenquelle für die Advanced Threat Analytics 1.8 Distributed Application-Ermittlung | Microsoft.AdvancedThreatAnalytics.1_8.DistributedApplication.Discovery.DataSource | Any | Internal |
| Datenquelle für die Advanced Threat Analytics 1.8-Gatewayermittlung | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Discovery.DataSource | Any | Internal |
| ATA-Protokolldateianbieter | Microsoft.AdvancedThreatAnalytics.LogFileProvider | Any | Internal |
| ID | Target | |
|---|---|---|
 | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATAConsole.Task.Category | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATAConsole.Task |
| Microsoft.AdvancedThreatAnalytics.1_8.Center.Icon.Category | Microsoft.AdvancedThreatAnalytics.Center.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Center.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Center.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Icon.Category | Microsoft.AdvancedThreatAnalytics.Container.Gateway.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Container.Gateway.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone.Icon.Category | Microsoft.AdvancedThreatAnalytics.Gateway.Standalone.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Gateway.Standalone.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.LightweightGateway.Icon.Category | Microsoft.AdvancedThreatAnalytics.LightweightGateway.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.LightweightGateway.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.LightweightGateway.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Service.Icon.Category | Microsoft.AdvancedThreatAnalytics.Service.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Service.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Service.Small.Icon |
| DisplayName | ID | Target | Enabled | |
|---|---|---|---|---|
 | Advanced Threat Analytics 1.8 Center-Ermittlung | Microsoft.AdvancedThreatAnalytics.1_8.Center.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.Seed | True |
| Advanced Threat Analytics 1.8 Distributed Application-Ermittlung | Microsoft.AdvancedThreatAnalytics.1_8.DistributedApplication.Discovery | Microsoft.SystemCenter.AllManagementServersPool | True |
| Advanced Threat Analytics 1.8-Gatewayermittlung | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.Seed | True |
| Ermittlung von Advanced Threat Analytics 1.8-Instanzengruppen | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup | True |
| Ermittlung von Advanced Threat Analytics 1.8-Seeding | Microsoft.AdvancedThreatAnalytics.1_8.Seed.Discovery | Microsoft.Windows.Server.OperatingSystem | True |
| Ermittlung von Advanced Threat Analytics 1.8-Servergruppen | Microsoft.AdvancedThreatAnalytics.1_8.ServersGroup.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.ServersGroup | True |
| Ermittlung von Advanced Threat Analytics 1.8-Dienstgruppen | Microsoft.AdvancedThreatAnalytics.1_8.ServiceGroup.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.ServiceGroup | True |
| DisplayName | ID | Target | Algorithm | Source Monitor | Relationship | Category | Enabled | Alert Generate | Accessibility | |
|---|---|---|---|---|---|---|---|---|---|---|
 | Rollupmonitor zur Center-Verfügbarkeit | Microsoft.AdvancedThreatAnalytics.1_8.Center.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Center | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Center-Konfiguration | Microsoft.AdvancedThreatAnalytics.1_8.Center.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Center | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Center-Leistung | Microsoft.AdvancedThreatAnalytics.1_8.Center.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Center | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Center-Sicherheit | Microsoft.AdvancedThreatAnalytics.1_8.Center.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Center | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | SecurityHealth | True | False | Public |
| Rollupmonitor zur Verfügbarkeit des Gateways (Lightweight) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.LightWeight.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Konfiguration des Gateways (Lightweight) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.LightWeight.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Leistung des Gateways (Lightweight) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.LightWeight.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Sicherheit des Gateways (Lightweight) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.LightWeight.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | SecurityHealth | True | False | Public |
| Rollupmonitor zur Verfügbarkeit des Gateways (eigenständig) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Standalone.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Konfiguration des Gateways (eigenständig) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Standalone.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Leistung des Gateways (eigenständig) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Standalone.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Sicherheit des Gateways (eigenständig) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Standalone.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | SecurityHealth | True | False | Public |
| Rollupmonitor zur Verfügbarkeit des Diensts (Center) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Center.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Konfiguration des Diensts (Center) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Center.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Leistung des Diensts (Center) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Center.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Sicherheit des Diensts (Center) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Center.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | True | False | Public |
| Rollupmonitor zur Verfügbarkeit des Diensts (Gateway) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Gateway.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Konfiguration des Diensts (Gateway) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Gateway.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Leistung des Diensts (Gateway) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Gateway.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Sicherheit des Diensts (Gateway) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Gateway.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | SecurityHealth | True | False | Public |
| Rollupmonitor zur Stammverfügbarkeit | Microsoft.AdvancedThreatAnalytics.Container.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | AvailabilityHealth | True | False | Public |
| Rollupmonitor zur Stammkonfiguration | Microsoft.AdvancedThreatAnalytics.Container.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | ConfigurationHealth | True | False | Public |
| Rollupmonitor zur Stammleistung | Microsoft.AdvancedThreatAnalytics.Container.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | PerformanceHealth | True | False | Public |
| Rollupmonitor zur Stammsicherheit | Microsoft.AdvancedThreatAnalytics.Container.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | SecurityHealth | True | False | Public |
| DisplayName | ID | Target | Category | Enabled | Alert Generate | Accessibility | |
|---|---|---|---|---|---|---|---|
 | Monitor für ATA Center-Dienst | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATACenter | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True | Public |
| AtSVC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseAtSvcBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| DirectoryServicesActivity-Blockgröße der Datenbank< | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDirectoryServicesActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| DNS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDnsBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| DRSR-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDrsrBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| GroupMembershipChangeEvent-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseGroupMembershipChangeEventBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| KerberosAP-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosApBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| KerberosAS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosAsBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| KerberosTGS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosTgsBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| LDAP-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLdapBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| LogonEvent-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLogonEventBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| LsaRPC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLsaRpcBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Netlogon-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNetlogonBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| NTLM-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| NTLMEvent-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| SAMR-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSamrBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| ServiceControl-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseServiceControlBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| SMB-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSmbBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| SrvSVC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSrvSvcBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| TaskScheduler-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseTaskSchedulerBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| VpnAuthenticationEvent-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseVpnAuthenticationEventBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Wmi-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseWmiBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Blockgröße für EntityProfiler-Netzwerkaktivität | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityProfilerNetworkActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Blockgröße für EntityReceiver-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityReceiverEntityBatchBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Blockgröße für NetworkActivityProcessor-Netzwerkaktivität | Microsoft.AdvancedThreatAnalytics.1_8.Center.NetworkActivityProcessorNetworkActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| MongoDB-Dienstmonitor | Microsoft.AdvancedThreatAnalytics.1_8.Database.MongoDB | Microsoft.AdvancedThreatAnalytics.1_8.Database | AvailabilityHealth | True | True | Public |
| Monitor für ATA-Gatewaydienst | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True | Public |
| Monitor für ATA-Gatewayaktualisierungsdienst | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGatewayUpdater | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True | Public |
| Blockgröße für EntityResolver-Aktivität | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| Blockgröße für EntitySender-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| Sendezeit für EntitySender-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchSendTime.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| Blockgröße 0 für NetworkActivityTranslator-Nachrichtendaten | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkActivityTranslatorMessageData0BlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| NetworkListener-ETW-Löschereignisse/Sek. | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerETWDroppedEventsSec.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| NetworkListener-PEF-Löschereignisse/Sek. | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFDroppedEventsSec.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| DisplayName | ID | Target | Category | Enabled | Alert Generate | |
|---|---|---|---|---|---|---|
 | Warnungsregel für verdächtige Aktivität durch ungewöhnliches Verhalten | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalBehaviorSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch ungewöhnliches Protokoll | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalProtocolSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für nicht normale verdächtige Aktivitäten zur Änderung von Mitgliedschaften in sensiblen Gruppen | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalSensitiveGroupMembershipChangeSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch ungewöhnliches VPN | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalVpnSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch Kontoenumeration | Microsoft.AdvancedThreatAnalytics.1_8.Center.AccountEnumerationSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch Brute-Force-Angriff | Microsoft.AdvancedThreatAnalytics.1_8.Center.BruteForceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| ATA 1.8 – Warnungsregel für die Überwachung des verfügbaren Speicherplatzes auf dem Datenlaufwerk der Center-Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterDatabaseDataDriveFreeSpaceMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf Verbindungstrennung der Center-Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterDatabaseDisconnectedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf Fehler bei der Auflösung Center-externer IP-Adressen | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterExternalIpAddressResolutionFailureMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung von Center-E-Mail | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterMailMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf nicht von Center erhaltenen Datenverkehr | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterNotReceivingTrafficMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf Überlastung von Center | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterOverloadedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung von Center-Syslog | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterSyslogMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung des Zertifikatsablaufs | Microsoft.AdvancedThreatAnalytics.1_8.Center.CertificateExpiryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| Warnungsregel für verdächtige Aktivität durch Fehler bei der Vorauthentifizierung des Computers | Microsoft.AdvancedThreatAnalytics.1_8.Center.ComputerPreauthenticationFailedSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| AtSVC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseAtSvcBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| DirectoryServicesActivity-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDirectoryServicesActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| DNS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDnsBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| DRSR-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDrsrBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| KerberosAP-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosApBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| KerberosAS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosAsBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| KerberosTGS-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosTgsBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| LDAP-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLdapBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| LsaRPC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLsaRpcBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Netlogon-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNetlogonBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| NTLM-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| NTLMEvent-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| ServiceControl-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseServiceControlBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| SMB-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSmbBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| SrvSVC-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSrvSvcBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| TaskScheduler-Blockgröße für Datenbank | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseTaskSchedulerBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Warnungsregel für verdächtige Aktivität bei der Replikation der Verzeichnisdienste | Microsoft.AdvancedThreatAnalytics.1_8.Center.DirectoryServicesReplicationSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch DNS-Reconnaissance | Microsoft.AdvancedThreatAnalytics.1_8.Center.DnsReconnaissanceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität zur Herabstufung der Verschlüsselung | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Blockgröße für EntityProfiler-Netzwerkaktivität | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityProfilerNetworkActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Blockgröße für EntityReceiver-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityReceiverEntityBatchBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Warnungsregel für verdächtige Aktivität zur Herabstufung der Verschlüsselung (Golden Ticket) | Microsoft.AdvancedThreatAnalytics.1_8.Center.EnumerateSessionsSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität zur Herabstufung der Verschlüsselung (Overpass-the-Hash) | Microsoft.AdvancedThreatAnalytics.1_8.Center.ForgedPacSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf fehlerhafte Netzwerkdatenerfassungs-Adapter des Gateways | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayCaptureNetworkAdapterFaultedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf fehlende Netzwerkdatenerfassungs-Adapter des Gateways | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayCaptureNetworkAdapterMissingMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf Kennwortablauf für das Clientkonto der Gatewayverzeichnisdienste | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDirectoryServicesClientAccountPasswordExpiryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung der Clientkonnektivität von Gatewayverzeichnisdiensten | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDirectoryServicesClientConnectivityMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf Verbindungstrennung des Gateways | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDisconnectedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf nicht zugewiesenen Gatewaydomänensynchronizer | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDomainSynchronizerNotAssignedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf zu wenig Arbeitsspeicher auf dem Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayLowMemoryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf überlastete Ereignisaktivitäten auf dem Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayOverloadedEventActivitiesMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf überlastete Netzwerkaktivitäten auf dem Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayOverloadedNetworkActivitiesMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung des Gateway-RADIUS-Ereignislisteners | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayRadiusEventListenerMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf veraltete Gateways | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaysOutdatedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung auf Startfehler des Gateways | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayStartFailureMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 – Warnungsregel für die Überwachung des Gateway-Syslog-Ereignislisteners | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaySyslogEventListenerMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| Warnungsregel für verdächtige Aktivität zur Herabstufung der Verschlüsselung (Skeleton Key) | Microsoft.AdvancedThreatAnalytics.1_8.Center.GoldenTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch Sitzungsenumeration | Microsoft.AdvancedThreatAnalytics.1_8.Center.HoneytokenActivitySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch gefälschtes PAC | Microsoft.AdvancedThreatAnalytics.1_8.Center.LdapBruteForceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch Honeytokenaktivität | Microsoft.AdvancedThreatAnalytics.1_8.Center.LdapCleartextPasswordSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch LDAP-Klartextkennwort bei einfacher Bindung | Microsoft.AdvancedThreatAnalytics.1_8.Center.MassiveObjectDeletionSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Blockgröße für NetworkActivityProcessor-Netzwerkaktivität | Microsoft.AdvancedThreatAnalytics.1_8.Center.NetworkActivityProcessorNetworkActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Warnungsregel für verdächtige Aktivität durch umfangreiche Objektlöschungen | Microsoft.AdvancedThreatAnalytics.1_8.Center.PassTheHashSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch Pass-the-Hash | Microsoft.AdvancedThreatAnalytics.1_8.Center.PassTheTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch Pass-the-Ticket | Microsoft.AdvancedThreatAnalytics.1_8.Center.RemoteExecutionSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität durch Remoteausführung | Microsoft.AdvancedThreatAnalytics.1_8.Center.RetrieveDataProtectionBackupKeySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Warnungsregel für verdächtige Aktivität beim Abrufen des Datenschutz-Sicherungsschlüssels | Microsoft.AdvancedThreatAnalytics.1_8.Center.SamrReconnaissanceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| ATA-Gateway konnte sich nicht beim Domänencontroller authentifizieren | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ActiveDirectoryAuthenticationFailure | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Indikatoren sind möglicherweise in der Registrierung deaktiviert | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.CountersDisabled | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Blockgröße für EntityResolver-Aktivität | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Blockgröße für EntitySender-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Sendezeit für EntitySender-Entitätsbatch | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchSendTime | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| ATA-Gateway konnte sich nicht bei Center authentifizieren | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToAuthenticateAgainstCenter | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte keine Verbindung mit ATA Center herstellen | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToEstablishConnectionToCenter | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte die SIEM-Syslog-Nachricht nicht analysieren | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToParseSyslog | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte den Domänencontroller nicht über das LDAP-Protokoll abfragen | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToQueryDCUsingLDAPProtocol | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte die Konfiguration nicht von ATA Center synchronisieren | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToSynchronizeConfigurationFromCenter | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway konnte die Center-Zertifikatkette nicht überprüfen | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToValidateCenterCertificateChain | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| ATA-Gateway besitzt nicht genügend Arbeitsspeicher | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayDoesNotHaveEnoughMemory | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Maximale Größe des zugesicherten Arbeitsspeichers für GatewayUpdaterResourceManager | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerCommitMemoryMaxSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Max. CPU-Zeit für GatewayUpdaterResourceManager in \% | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerCPUTimeMax_ | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Größe des Grenzwerts für den GatewayUpdaterResourceManager-Arbeitssatz | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerWorkingSetLimitSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Ein Hosteintrag in der HOSTS-Datei verweist auf den Kurznamen des Computers. | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.HostEntryInHOSTSFile | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Die Nachrichtenanalyse ist auf dem ATA-Gateway installiert. | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.MessageAnalyzerIsInstalledOnGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Blockgröße 0 für NetworkActivityTranslator-Nachrichtendaten | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkActivityTranslatorMessageData0BlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| NetworkListener-ETW-Löschereignisse/Sek. | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerETWDroppedEvents_Sec | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| NetworkListener-PEF-Löschereignisse/Sek. | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFDroppedEvents_Sec | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Analysierte NetworkListener-PEF-Nachrichten/Sek. | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFParsedMessages_Sec | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Auf Ihrem Computer stehen noch weitere Installationen aus | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.OtherPendingInstallations | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| PEF (Nachrichtenanalyse) wurde nicht ordnungsgemäß installiert | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.PEFWasNotInstalledCorrectly | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| PIDs waren für Prozessnamen im ATA-Gateway aktiviert | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.PIDsWasEnabledForProcessNamesInGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| DisplayName | ID | Target | Accessibility | Category | Enabled | |
|---|---|---|---|---|---|---|
 | ATACenter-Dienst neu starten | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATACenter.Restart | Microsoft.AdvancedThreatAnalytics.1_8.Center | Internal | Maintenance | True |
| ATACenter-Dienst starten | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATACenter.Start | Microsoft.AdvancedThreatAnalytics.1_8.Center | Internal | Maintenance | True |
| ATACenter-Dienst beenden | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATACenter.Stop | Microsoft.AdvancedThreatAnalytics.1_8.Center | Internal | Maintenance | True |
| MongoDB-Dienst neu starten | Microsoft.AdvancedThreatAnalytics.1_8.Database.MongoDB.Restart | Microsoft.AdvancedThreatAnalytics.1_8.Database | Internal | Maintenance | True |
| MongoDB-Dienst starten | Microsoft.AdvancedThreatAnalytics.1_8.Database.MongoDB.Start | Microsoft.AdvancedThreatAnalytics.1_8.Database | Internal | Maintenance | True |
| MongoDB-Dienst beenden | Microsoft.AdvancedThreatAnalytics.1_8.Database.MongoDB.Stop | Microsoft.AdvancedThreatAnalytics.1_8.Database | Internal | Maintenance | True |
| ATAGateway-Dienst neu starten | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGateway.Restart | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| ATAGateway-Dienst starten | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGateway.Start | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| ATAGateway-Dienst beenden | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGateway.Stop | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| ATAGatewayUpdater-Dienst neu starten | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGatewayUpdater.Restart | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| ATAGatewayUpdater-Dienst starten | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGatewayUpdater.Start | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| ATAGatewayUpdater-Dienst beenden | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGatewayUpdater.Stop | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| DisplayName | ID | Target | Accessibility | Enabled | |
|---|---|---|---|---|---|
 | ATA Center-Konsolenaufgabe öffnen | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATAConsole.Task | Microsoft.AdvancedThreatAnalytics.1_8.Center | Internal | True |
| ID | FolderName | ElementID | |
|---|---|---|---|
 | Microsoft.AdvancedThreatAnalytics.1_8.Center.SecurityAlerts.FolderItem | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_8.Center.SecurityAlerts |
| Microsoft.AdvancedThreatAnalytics.1_8.HealthAlerts.FolderItem | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_8.HealthAlerts |
| Microsoft.AdvancedThreatAnalytics.1_8.PerformanceAlerts.FolderItem | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_8.PerformanceAlerts |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.FolderItem | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid |
| DisplayName | ID | ParentFolder | Accessibility | |
|---|---|---|---|---|
| Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.Folder.Root | Public |
| DisplayName | ID | ImageID | |
|---|---|---|---|
 | Advanced Threat Analytics 1.8 Center | Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.AdvancedThreatAnalytics.Center.Small.Icon |
| Advanced Threat Analytics 1.8-Gatewaycontainer | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.Container.Gateway.Small.Icon |
| Advanced Threat Analytics 1.8-Lightweight-Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | Microsoft.AdvancedThreatAnalytics.LightweightGateway.Small.Icon |
| Eigenständiges Advanced Threat Analytics 1.8-Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | Microsoft.AdvancedThreatAnalytics.Gateway.Standalone.Small.Icon |
| Advanced Threat Analytics 1.8-Dienst | Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.Service.Small.Icon |
| DisplayName | ID | Target | Type | Accessibility | Visible | |
|---|---|---|---|---|---|---|
 | Sicherheitswarnungen | Microsoft.AdvancedThreatAnalytics.1_8.Center.SecurityAlerts | Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.SystemCenter.AlertViewType | Internal | True |
| Integritätswarnungen | Microsoft.AdvancedThreatAnalytics.1_8.HealthAlerts | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup | Microsoft.SystemCenter.AlertViewType | Public | True |
| Leistungswarnungen | Microsoft.AdvancedThreatAnalytics.1_8.PerformanceAlerts | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup | Microsoft.SystemCenter.AlertViewType | Public | True |
| ID | Type | Platform | Target | Accessibility | |
|---|---|---|---|---|---|
 | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center.Implementation | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center | Wpf, Silverlight | Public | |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details.Implementation | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details | Wpf, Silverlight | Public | |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway.Implementation | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway | Wpf, Silverlight | Public | |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Implementation | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Wpf, Silverlight | Public |
| ID | Type | Parent | Accessibility | |
|---|---|---|---|---|
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center.Reference | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Public |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details.Reference | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Public |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway.Reference | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Public |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Reference | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Public |
| DisplayName | ID | Accessibility | |
|---|---|---|---|
| Integritätsstatus | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Public |
| Integritätszustand – Center | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center | Public |
| Integritätszustand – Details | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details | Public |
| Integritätszustand – Gateway | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway | Public |
Home
DEU 
Show Management Pack References