KB 340113

KB 340113: Report filters for Users and Groups do not match Active Directory

When doing a user investigation you may find filter menus do not contain all objects from Active Directory, this is by design as the filter tables are populated from jobs that run against the event data.

Issue: Filter menus may appear incomplete

Symptoms: Trying to filter report on user or group that is not in filter table

Cause: Filters are created from security event data and not active directory

Scope: All Audit Collection Reports

Product/s: Security Auditing

Resolution

No action is necessary, the filter tables do not match Active Directory.

If you run queries against the database keep in mind there are 4 'User' fields in ACS; the Header, Primary, Client and Target. When running queries against the audit database ensure you query the correct user field

News & Events

Press Release 08/04/2009: Secure Vantage Releases Security Auditing SP2 for the Audit Collection Services (ACS)

Online Webcasts 06/08/2009: Download the ACS Master Class Series for free real world expert training on the Audit Collection Services.

Read more