Pakiet administracyjny usługi Microsoft Advanced Threat Analytics 1.8
Jest to pakiet administracyjny dla usługi Advanced Threat Analytics 1.8. Ten pakiet administracyjny zawiera wszystkie klasy, widoki, monitory i odnajdywania dla usługi ATA 1.8.
| DisplayName | ID | Base Class | Abstract | Hosted | Singleton | Group | Extension | Accessibility | |
|---|---|---|---|---|---|---|---|---|---|
 | Centrum usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.Windows.ComputerRole | False | True | False | False | False | Public |
 | Kontener bramy usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.ServiceComponent | False | False | False | False | False | Public |
 | Baza danych usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Database | System.Database | False | True | False | False | False | Public |
 | Brama usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Microsoft.Windows.ComputerRole | True | True | False | False | False | Public |
 | Uproszczona brama usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | False | True | False | False | False | Public |
 | Autonomiczna brama usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | False | True | False | False | False | Public |
 | Grupa wystąpień usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup | Microsoft.SystemCenter.InstanceGroup | False | False | True | True | False | Public |
 | Klasa inicjatora usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Seed | Microsoft.Windows.LocalApplication | False | True | False | False | False | Public |
 | Grupa serwerów usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.ServersGroup | Microsoft.SystemCenter.ComputerGroup | False | False | True | True | False | Public |
 | Usługa Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.ServiceComponent | False | False | False | False | False | Public |
| Grupa usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.ServiceGroup | Microsoft.SystemCenter.InstanceGroup | False | False | True | True | False | Public |
| DisplayName | ID | Source | Target | Accessibility | Abstract | |
|---|---|---|---|---|---|---|
 | Centrum usługi Microsoft Advanced Threat Analytics 1.8 hostuje bazę danych w wersji 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.AdvancedThreatAnalytics.1_8.Database | Public | False |
| Kontener usługi Advanced Threat Analytics 1.8 (brama) zawiera bramę uproszczoną w wersji 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | Public | False |
| Kontener usługi Advanced Threat Analytics 1.8 (brama) zawiera bramę autonomiczną w wersji 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | Public | False |
| Usługa Advanced Threat Analytics 1.8 zawiera centrum w wersji 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.1_8.Center | Public | False |
| Usługa Advanced Threat Analytics 1.8 zawiera kontener w wersji 1.8 (brama) | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Public | False |
| Kontener usługi Advanced Threat Analytics zawiera usługę w wersji 1.8 | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.Container | Microsoft.AdvancedThreatAnalytics.1_8.Service | Public | False |
| DisplayName | ID | Isolation | Accessibility | |
|---|---|---|---|---|
 | Źródło danych odnajdywania centrum usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Center.Discovery.DataSource | Any | Internal |
| Źródło danych odnajdywania aplikacji rozproszonych usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.DistributedApplication.Discovery.DataSource | Any | Internal |
| Źródło danych odnajdywania bramy usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Discovery.DataSource | Any | Internal |
| Dostawca pliku dziennika usługi ATA | Microsoft.AdvancedThreatAnalytics.LogFileProvider | Any | Internal |
| ID | Target | |
|---|---|---|
 | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATAConsole.Task.Category | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATAConsole.Task |
| Microsoft.AdvancedThreatAnalytics.1_8.Center.Icon.Category | Microsoft.AdvancedThreatAnalytics.Center.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Center.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Center.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Icon.Category | Microsoft.AdvancedThreatAnalytics.Container.Gateway.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Container.Gateway.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone.Icon.Category | Microsoft.AdvancedThreatAnalytics.Gateway.Standalone.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Gateway.Standalone.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.LightweightGateway.Icon.Category | Microsoft.AdvancedThreatAnalytics.LightweightGateway.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.LightweightGateway.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.LightweightGateway.Small.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Service.Icon.Category | Microsoft.AdvancedThreatAnalytics.Service.Icon |
| Microsoft.AdvancedThreatAnalytics.1_8.Service.Small.Icon.Category | Microsoft.AdvancedThreatAnalytics.Service.Small.Icon |
| DisplayName | ID | Target | Enabled | |
|---|---|---|---|---|
 | Odnajdywanie centrum usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Center.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.Seed | True |
| Odnajdywanie aplikacji rozproszonych usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.DistributedApplication.Discovery | Microsoft.SystemCenter.AllManagementServersPool | True |
| Odnajdywanie bramy usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.Seed | True |
| Odnajdywanie grupy wystąpień usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup | True |
| Odnajdywanie inicjatora usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Seed.Discovery | Microsoft.Windows.Server.OperatingSystem | True |
| Odnajdywanie grupy serwerów usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.ServersGroup.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.ServersGroup | True |
| Odnajdywanie grupy usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.ServiceGroup.Discovery | Microsoft.AdvancedThreatAnalytics.1_8.ServiceGroup | True |
| DisplayName | ID | Target | Algorithm | Source Monitor | Relationship | Category | Enabled | Alert Generate | Accessibility | |
|---|---|---|---|---|---|---|---|---|---|---|
 | Podsumowanie monitora dostępności centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Center | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | AvailabilityHealth | True | False | Public |
| Podsumowanie monitora konfiguracji centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Center | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | ConfigurationHealth | True | False | Public |
| Podsumowanie monitora wydajności centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Center | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | PerformanceHealth | True | False | Public |
| Podsumowanie monitora zabezpieczeń centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Center | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Center.hosts.Microsoft.AdvancedThreatAnalytics.1_8.Database | SecurityHealth | True | False | Public |
| Podsumowanie monitora dostępności bramy (uproszczonej) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.LightWeight.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | AvailabilityHealth | True | False | Public |
| Podsumowanie monitora konfiguracji bramy (uproszczonej) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.LightWeight.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | ConfigurationHealth | True | False | Public |
| Podsumowanie monitora wydajności bramy (uproszczonej) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.LightWeight.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | PerformanceHealth | True | False | Public |
| Podsumowanie monitora zabezpieczeń bramy (uproszczonej) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.LightWeight.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | SecurityHealth | True | False | Public |
| Podsumowanie monitora dostępności bramy (autonomicznej) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Standalone.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | AvailabilityHealth | True | False | Public |
| Podsumowanie monitora konfiguracji bramy (autonomicznej) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Standalone.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | ConfigurationHealth | True | False | Public |
| Podsumowanie monitora wydajności bramy (autonomicznej) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Standalone.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | PerformanceHealth | True | False | Public |
| Podsumowanie monitora zabezpieczeń bramy (autonomicznej) | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.Standalone.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway.contains.Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | SecurityHealth | True | False | Public |
| Monitor zbiorczy dostępności usługi (centrum) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Center.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | False | Public |
| Monitor zbiorczy konfiguracji usługi (centrum) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Center.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | False | Public |
| Monitor zbiorczy wydajności usługi (centrum) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Center.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | False | Public |
| Monitor zbiorczy zabezpieczeń usługi (centrum) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Center.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | True | False | Public |
| Monitor zbiorczy dostępności usługi (brama) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Gateway.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | AvailabilityHealth | True | False | Public |
| Monitor zbiorczy konfiguracji usługi (brama) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Gateway.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | ConfigurationHealth | True | False | Public |
| Monitor zbiorczy wydajności usługi (brama) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Gateway.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | PerformanceHealth | True | False | Public |
| Monitor zbiorczy zabezpieczeń usługi (brama) | Microsoft.AdvancedThreatAnalytics.1_8.Service.Gateway.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.1_8.Service | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.1_8.Service.contains.Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | SecurityHealth | True | False | Public |
| Główny monitor zbiorczy dostępności | Microsoft.AdvancedThreatAnalytics.Container.Availability.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.AvailabilityState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | AvailabilityHealth | True | False | Public |
| Główny monitor zbiorczy konfiguracji | Microsoft.AdvancedThreatAnalytics.Container.Configuration.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.ConfigurationState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | ConfigurationHealth | True | False | Public |
| Główny monitor zbiorczy wydajności | Microsoft.AdvancedThreatAnalytics.Container.Performance.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.PerformanceState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | PerformanceHealth | True | False | Public |
| Główny monitor zbiorczy zabezpieczeń | Microsoft.AdvancedThreatAnalytics.Container.Security.RollupMonitor | Microsoft.AdvancedThreatAnalytics.Container | WorstOf | System.Health.SecurityState | Microsoft.AdvancedThreatAnalytics.Container.contains.Microsoft.AdvancedThreatAnalytics.1_8.Service | SecurityHealth | True | False | Public |
| DisplayName | ID | Target | Category | Enabled | Alert Generate | Accessibility | |
|---|---|---|---|---|---|---|---|
 | Monitor centrum usługi ATA | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATACenter | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True | Public |
| Rozmiar bloku AtSVC bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseAtSvcBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku DirectoryServicesActivity bazy danych< | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDirectoryServicesActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku DNS bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDnsBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku DRSR bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDrsrBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku GroupMembershipChangeEvent bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseGroupMembershipChangeEventBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku KerberosAP bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosApBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku KerberosAS bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosAsBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku KerberosTSG bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosTgsBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku LDAP bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLdapBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku LogonEvent bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLogonEventBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku LsaRPC bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLsaRpcBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku Netlogon bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNetlogonBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku NTLM bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku NTLMEvent bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku SAMR bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSamrBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku ServiceControl bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseServiceControlBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku SMB bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSmbBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku SrvSVC bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSrvSvcBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku TaskScheduler bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseTaskSchedulerBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku VpnAuthenticationEvent bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseVpnAuthenticationEventBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku Wmi bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseWmiBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku działania w sieci elementu EntityProfiler | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityProfilerNetworkActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku partii jednostek EntityReceiver | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityReceiverEntityBatchBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Rozmiar bloku działania w sieci elementu NetworkActivityProcessor | Microsoft.AdvancedThreatAnalytics.1_8.Center.NetworkActivityProcessorNetworkActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True | Public |
| Monitor usługi MongoDB | Microsoft.AdvancedThreatAnalytics.1_8.Database.MongoDB | Microsoft.AdvancedThreatAnalytics.1_8.Database | AvailabilityHealth | True | True | Public |
| Monitor usługi bramy usługi ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True | Public |
| Monitor usługi aktualizatora bramy usługi ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGatewayUpdater | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True | Public |
| Rozmiar bloku działania elementu EntityResolver | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| Rozmiar bloku partii jednostek EntitySender | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchBlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| Czas wysłania partii jednostek elementu EntitySender | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchSendTime.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| Rozmiar bloku 0 danych komunikatu elementu NetworkActivityTranslator | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkActivityTranslatorMessageData0BlockSize.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| Liczba zdarzeń ETW porzucanych przez składnik NetworkListener na sekundę | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerETWDroppedEventsSec.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| Liczba zdarzeń PEF porzucanych przez składnik NetworkListener na sekundę | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFDroppedEventsSec.PerformanceHealth | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceHealth | True | True | Public |
| DisplayName | ID | Target | Category | Enabled | Alert Generate | |
|---|---|---|---|---|---|---|
 | Reguła alertu dotyczącego podejrzanego działania związanego z nietypowym zachowaniem | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalBehaviorSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z nietypowym protokołem | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalProtocolSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z nietypową zmianą członkostwa we wrażliwej grupie | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalSensitiveGroupMembershipChangeSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z nietypowym elementem sieci VPN | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalVpnSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z wyliczeniem konta | Microsoft.AdvancedThreatAnalytics.1_8.Center.AccountEnumerationSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z atakiem metodą pełnego przeglądu | Microsoft.AdvancedThreatAnalytics.1_8.Center.BruteForceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania wolnego miejsca na dysku danych bazy danych centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterDatabaseDataDriveFreeSpaceMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania rozłączonej bazy danych centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterDatabaseDisconnectedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania niepowodzenia rozpoznawania zewnętrznego adresu IP centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterExternalIpAddressResolutionFailureMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania poczty centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterMailMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania braku ruchu odbieranego przez centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterNotReceivingTrafficMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania przeciążonego centrum | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterOverloadedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania usługi Syslog | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterSyslogMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania wygaśnięcia certyfikatu | Microsoft.AdvancedThreatAnalytics.1_8.Center.CertificateExpiryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z niepowodzeniem wstępnego uwierzytelniania komputera | Microsoft.AdvancedThreatAnalytics.1_8.Center.ComputerPreauthenticationFailedSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Rozmiar bloku AtSVC bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseAtSvcBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku DirectoryServicesActivity bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDirectoryServicesActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku DNS bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDnsBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku DRSR bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDrsrBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku KerberosAP bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosApBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku KerberosAS bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosAsBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku KerberosTSG bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosTgsBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku LDAP bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLdapBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku LsaRPC bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLsaRpcBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku Netlogon bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNetlogonBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku NTLM bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku NTLMEvent bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku ServiceControl bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseServiceControlBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku SMB bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSmbBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku SrvSVC bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSrvSvcBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku TaskScheduler bazy danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseTaskSchedulerBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Reguła alertu dotyczącego podejrzanej aktywności związanej z replikacją usług katalogowych | Microsoft.AdvancedThreatAnalytics.1_8.Center.DirectoryServicesReplicationSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z rozpoznaniem usługi DNS | Microsoft.AdvancedThreatAnalytics.1_8.Center.DnsReconnaissanceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego ze zmianą szyfrowania na niższą wersję | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Rozmiar bloku działania w sieci elementu EntityProfiler | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityProfilerNetworkActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Rozmiar bloku partii jednostek EntityReceiver | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityReceiverEntityBatchBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Reguła alertu dotyczącego podejrzanego działania związanego ze zmianą szyfrowania na niższą wersję (atak metodą złotego biletu) | Microsoft.AdvancedThreatAnalytics.1_8.Center.EnumerateSessionsSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego ze zmianą szyfrowania na niższą wersję (pomijanie skrótu) | Microsoft.AdvancedThreatAnalytics.1_8.Center.ForgedPacSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania błędów karty sieciowej przechwytywania bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayCaptureNetworkAdapterFaultedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania brakującej karty sieciowej przechwytywania bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayCaptureNetworkAdapterMissingMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania wygaśnięcia hasła konta klienta usług katalogowych bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDirectoryServicesClientAccountPasswordExpiryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania łączności klienta usług katalogowych bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDirectoryServicesClientConnectivityMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania rozłączonej bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDisconnectedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania nieprzypisanego synchronizatora domeny bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDomainSynchronizerNotAssignedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania małej ilości pamięci bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayLowMemoryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania działań zdarzenia przeciążonej bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayOverloadedEventActivitiesMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania działań sieci przeciążonej bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayOverloadedNetworkActivitiesMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania odbiornika zdarzeń usługi Radius bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayRadiusEventListenerMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania nieaktualnych bram | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaysOutdatedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania niepowodzenia uruchomienia bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayStartFailureMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| ATA 1.8 — reguła alertu dotyczącego monitorowania odbiornika zdarzeń usługi Syslog bramy | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaySyslogEventListenerMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
| Reguła alertu dotyczącego podejrzanego działania związanego ze zmianą szyfrowania na niższą wersję (wytrych) | Microsoft.AdvancedThreatAnalytics.1_8.Center.GoldenTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z wyliczaniem sesji | Microsoft.AdvancedThreatAnalytics.1_8.Center.HoneytokenActivitySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego ze sfałszowanym certyfikatem PAC | Microsoft.AdvancedThreatAnalytics.1_8.Center.LdapBruteForceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z użyciem informacji jako przynęty | Microsoft.AdvancedThreatAnalytics.1_8.Center.LdapCleartextPasswordSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z hasłem w postaci zwykłego tekstu prostego powiązania LDAP | Microsoft.AdvancedThreatAnalytics.1_8.Center.MassiveObjectDeletionSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Rozmiar bloku działania w sieci elementu NetworkActivityProcessor | Microsoft.AdvancedThreatAnalytics.1_8.Center.NetworkActivityProcessorNetworkActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
| Reguła alertu dotyczącego podejrzanego działania związanego z usuwaniem dużego obiektu | Microsoft.AdvancedThreatAnalytics.1_8.Center.PassTheHashSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z przekazywaniem skrótu | Microsoft.AdvancedThreatAnalytics.1_8.Center.PassTheTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z przekazywaniem biletu | Microsoft.AdvancedThreatAnalytics.1_8.Center.RemoteExecutionSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z wykonywaniem zdalnym | Microsoft.AdvancedThreatAnalytics.1_8.Center.RetrieveDataProtectionBackupKeySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Reguła alertu dotyczącego podejrzanego działania związanego z pobieraniem klucza kopii zapasowej na potrzeby ochrony danych | Microsoft.AdvancedThreatAnalytics.1_8.Center.SamrReconnaissanceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Nie można uwierzytelnić bramy usługi ATA w kontrolerze domeny | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ActiveDirectoryAuthenticationFailure | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Liczniki mogą być wyłączone w rejestrze | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.CountersDisabled | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Rozmiar bloku działania elementu EntityResolver | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Rozmiar bloku partii jednostek EntitySender | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Czas wysłania partii jednostek elementu EntitySender | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchSendTime | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Nie można uwierzytelnić bramy usługi ATA w centrum | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToAuthenticateAgainstCenter | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Brama usługi ATA nie może nawiązać połączenia z centrum usługi ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToEstablishConnectionToCenter | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Brama usługi ATA nie może przeanalizować komunikatu usługi Syslog SIEM | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToParseSyslog | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Brama usługi ATA nie może wykonać zapytania dla kontrolera domeny przy użyciu protokołu LDAP | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToQueryDCUsingLDAPProtocol | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Brama usługi ATA nie może zsynchronizować konfiguracji pochodzącej z centrum usługi ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToSynchronizeConfigurationFromCenter | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Brama usługi ATA nie może zweryfikować łańcucha certyfikatów centrum | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToValidateCenterCertificateChain | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Brama usługi ATA ma za mało pamięci | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayDoesNotHaveEnoughMemory | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Maksymalny rozmiar pamięci zatwierdzania elementu GatewayUpdaterResourceManager | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerCommitMemoryMaxSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Maksymalny procent czasu procesora CPU elementu GatewayUpdaterResourceManager | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerCPUTimeMax_ | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Rozmiar limitu zestawu roboczego elementu GatewayUpdaterResourceManager | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerWorkingSetLimitSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| W pliku HOSTS istnieje wpis hosta wskazujący krótką nazwę maszyny | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.HostEntryInHOSTSFile | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Analizator komunikatów jest zainstalowany na bramie usługi ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.MessageAnalyzerIsInstalledOnGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Rozmiar bloku 0 danych komunikatu elementu NetworkActivityTranslator | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkActivityTranslatorMessageData0BlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Liczba zdarzeń ETW porzucanych przez składnik NetworkListener na sekundę | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerETWDroppedEvents_Sec | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Liczba zdarzeń PEF porzucanych przez składnik NetworkListener na sekundę | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFDroppedEvents_Sec | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Przeanalizowane komunikaty platformy PEF elementu NetworkListener/s | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFParsedMessages_Sec | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
| Na komputerze istnieją inne oczekujące instalacje | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.OtherPendingInstallations | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Platforma PEF (analizator komunikatów) nie została poprawnie zainstalowana | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.PEFWasNotInstalledCorrectly | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Włączono identyfikatory PID dla nazw procesów w bramie usługi ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.PIDsWasEnabledForProcessNamesInGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
| Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeGoldenTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeGoldenTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeOverPasstheHashSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeOverPasstheHashSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeSkeletonKeySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeSkeletonKeySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
| DisplayName | ID | Target | Accessibility | Category | Enabled | |
|---|---|---|---|---|---|---|
 | Uruchom ponownie usługę ATACenter | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATACenter.Restart | Microsoft.AdvancedThreatAnalytics.1_8.Center | Internal | Maintenance | True |
| Uruchom usługę ATACenter | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATACenter.Start | Microsoft.AdvancedThreatAnalytics.1_8.Center | Internal | Maintenance | True |
| Zatrzymaj usługę ATACenter | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATACenter.Stop | Microsoft.AdvancedThreatAnalytics.1_8.Center | Internal | Maintenance | True |
| Ponownie uruchom usługę MongoDB | Microsoft.AdvancedThreatAnalytics.1_8.Database.MongoDB.Restart | Microsoft.AdvancedThreatAnalytics.1_8.Database | Internal | Maintenance | True |
| Uruchom usługę MongoDB | Microsoft.AdvancedThreatAnalytics.1_8.Database.MongoDB.Start | Microsoft.AdvancedThreatAnalytics.1_8.Database | Internal | Maintenance | True |
| Zatrzymaj usługę MongoDB | Microsoft.AdvancedThreatAnalytics.1_8.Database.MongoDB.Stop | Microsoft.AdvancedThreatAnalytics.1_8.Database | Internal | Maintenance | True |
| Ponownie uruchom usługę ATAGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGateway.Restart | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| Uruchom usługę ATAGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGateway.Start | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| Zatrzymaj usługę ATAGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGateway.Stop | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| Ponownie uruchom usługę ATAGatewayUpdater | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGatewayUpdater.Restart | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| Uruchom usługę ATAGatewayUpdater | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGatewayUpdater.Start | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| Zatrzymaj usługę ATAGatewayUpdater | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ATAGatewayUpdater.Stop | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | Internal | Maintenance | True |
| DisplayName | ID | Target | Accessibility | Enabled | |
|---|---|---|---|---|---|
 | Zadanie Otwórz konsolę centrum usługi ATA | Microsoft.AdvancedThreatAnalytics.1_8.Center.ATAConsole.Task | Microsoft.AdvancedThreatAnalytics.1_8.Center | Internal | True |
| ID | FolderName | ElementID | |
|---|---|---|---|
 | Microsoft.AdvancedThreatAnalytics.1_8.Center.SecurityAlerts.FolderItem | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_8.Center.SecurityAlerts |
| Microsoft.AdvancedThreatAnalytics.1_8.HealthAlerts.FolderItem | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_8.HealthAlerts |
| Microsoft.AdvancedThreatAnalytics.1_8.PerformanceAlerts.FolderItem | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_8.PerformanceAlerts |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.FolderItem | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid |
| DisplayName | ID | ParentFolder | Accessibility | |
|---|---|---|---|---|
| Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Microsoft.AdvancedThreatAnalytics.Folder.Root | Public |
| DisplayName | ID | ImageID | |
|---|---|---|---|
 | Centrum usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.AdvancedThreatAnalytics.Center.Small.Icon |
| Kontener bramy usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Container.Gateway | Microsoft.AdvancedThreatAnalytics.Container.Gateway.Small.Icon |
| Uproszczona brama usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.LightWeight | Microsoft.AdvancedThreatAnalytics.LightweightGateway.Small.Icon |
| Autonomiczna brama usługi Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.Standalone | Microsoft.AdvancedThreatAnalytics.Gateway.Standalone.Small.Icon |
| Usługa Advanced Threat Analytics 1.8 | Microsoft.AdvancedThreatAnalytics.1_8.Service | Microsoft.AdvancedThreatAnalytics.Service.Small.Icon |
| DisplayName | ID | Target | Type | Accessibility | Visible | |
|---|---|---|---|---|---|---|
 | Alerty zabezpieczeń | Microsoft.AdvancedThreatAnalytics.1_8.Center.SecurityAlerts | Microsoft.AdvancedThreatAnalytics.1_8.Center | Microsoft.SystemCenter.AlertViewType | Internal | True |
| Alerty dotyczące kondycji | Microsoft.AdvancedThreatAnalytics.1_8.HealthAlerts | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup | Microsoft.SystemCenter.AlertViewType | Public | True |
| Dzienniki wydajności i alerty | Microsoft.AdvancedThreatAnalytics.1_8.PerformanceAlerts | Microsoft.AdvancedThreatAnalytics.1_8.InstancesGroup | Microsoft.SystemCenter.AlertViewType | Public | True |
| ID | Type | Platform | Target | Accessibility | |
|---|---|---|---|---|---|
 | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center.Implementation | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center | Wpf, Silverlight | Public | |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details.Implementation | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details | Wpf, Silverlight | Public | |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway.Implementation | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway | Wpf, Silverlight | Public | |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Implementation | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Wpf, Silverlight | Public |
| ID | Type | Parent | Accessibility | |
|---|---|---|---|---|
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center.Reference | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Public |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details.Reference | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Public |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway.Reference | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Public |
| Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Reference | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Microsoft.AdvancedThreatAnalytics.1_8.Folder.Root | Public |
| DisplayName | ID | Accessibility | |
|---|---|---|---|
| Stan kondycji | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid | Public |
| Stan kondycji — centrum | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Center | Public |
| Stan kondycji — szczegóły | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Details | Public |
| Stan kondycji — brama | Microsoft.AdvancedThreatAnalytics.1_8.StateGrid.Gateway | Public |
Home
PLK 
Show Management Pack References