Événements d'informations des services d'annuaire AD DC

Microsoft.Windows.Server.2016.AD.DirectoryService.Information.EventCollection (Rule)

Knowledge Base article:

Element properties:

Member Modules:

Source Code:

<Rule ID="Microsoft.Windows.Server.2016.AD.DirectoryService.Information.EventCollection" Enabled="false" Target="AD2016Core!Microsoft.Windows.Server.2016.AD.DomainControllerRole" ConfirmDelivery="false" Remotable="false" Priority="Normal" DiscardLevel="100">

  <Category>EventCollection</Category>

  <DataSources>

    <DataSource ID="EventDS" TypeID="Windows!Microsoft.Windows.EventProvider">

      <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <LogName>Directory Service</LogName>

      <Expression>

        <SimpleExpression>

          <ValueExpression>

            <XPathQuery Type="Integer">EventLevel</XPathQuery>

          </ValueExpression>

          <Operator>Equal</Operator>

          <ValueExpression>

            <Value Type="Integer">3</Value>

          </ValueExpression>

        </SimpleExpression>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="WriteToDB" TypeID="SC!Microsoft.SystemCenter.CollectEvent"/>

    <WriteAction ID="WriteToDW" TypeID="SCDW!Microsoft.SystemCenter.DataWarehouse.PublishEventData"/>

  </WriteActions>

</Rule>