Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE
Stealthbits

Stealthbits ProTip: StealthINTERCEPT User Objects

Blog >Stealthbits ProTip: StealthINTERCEPT User Objects

Customers using StealthINTERCEPT often ask the question how to quickly find all the changes made to a user object including all group membership adds and deletes. The Investigation feature can be used to perform this search. Here’s how: first, make sure all policies are selected. Then, under the Other category, click both Class and Attribute. For the changes made directly to a user, for Class enter in User, and under attribute enter in a partial string for the user you want to look for. IE ‘Administrator’. Click Refresh. This will return all changes made to the user object such as lockouts, email address, department, phone etc.

To see any groups where the user was added or removed, simply change the Class setting to Group and hit refresh. Now all the group membership changes will be displayed.

For more information, contact Stealthbits Support at support@stealthbits.com.

Don’t miss a post! Subscribe to The Insider Threat Security Blog here:

Loading

Featured Asset

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!


Loading

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL