Output Types
Once a domain or a host/service is being monitored the event stream can be sent to multiple outputs. There are four types of outputs:
-
Netwrix Access Analyzer 26 – Sends activity events to Netwrix Access Analyzer 26 and above
-
File – Creates an activity log as a TSV or JSON file for every day of activity. Use this output type to integrate with Access Analyzer 12 and below.
-
Syslog – Sends activity events to the configured SIEM server. For file servers, this option is also used to send activity events to Netwrix Threat Manager.
-
Netwrix Threat Manager – Sends Active Directory activity events to Netwrix Threat Manager
noteThis output type is only available for Monitored Domains
See the Output for Monitored Domains topic and the Output for Monitored Hosts topic for information on adding an output.
Output configurations vary based on the type of domain/host selected.
For Active Directory Domains
Output Properties window has the following tabs:
- Log Files Tab, File output only
- Syslog Tab, Syslog output only
- Threat Manager Tab, Netwrix Threat Manager output only
For File System Hosts
Output Properties window has the following tabs:
- Access Analyzer 26 Tab, Access Analyzer 26 output only
- Log Files Tab, File output only
- Syslog Tab, Syslog output only
- Operations Tab
- Path Filtering Tab
- Protocols Tab
- Account Exclusions Tab
- Process Exclusions Tab, Windows only
- Additional Properties Tab
For Linux Hosts
In addition to common File System tabs, Linux outputs have the following tabs:
For Exchange Online Hosts
Output Properties window has the following tabs:
- Log Files Tab, File output only
- Syslog Tab, Syslog output only
- Operations Tab
- Account Exclusions Tab
- Application Exclusions Tab
- Mailbox Exclusions Tab
- Additional Properties Tab
For Microsoft Entra ID Hosts
Output Properties window has the following tabs:
- Log Files Tab, File output only
- Syslog Tab, Syslog output only
- Additional Properties Tab
- Operations Tab
For SharePoint Hosts
Output Properties window has the following tabs:
- Log Files Tab, File output only
- Syslog Tab, Syslog output only
- Operations Tab
- Path Filtering Tab
- Account Exclusions Tab
- Additional Properties Tab
For SharePoint Online Hosts
Output Properties window has the following tabs:
- Access Analyzer 26 Tab, Access Analyzer 26 output only
- Log Files Tab, File output only
- Syslog Tab, Syslog output only
- Operations Tab
- Additional Properties Tab
For SQL Server Hosts
Output Properties window has the following tabs:
- Log Files Tab, File output only
- Syslog Tab, Syslog output only
- Operations Tab
- Objects Tab
- Account Exclusions Tab
- Additional Properties Tab
For Windows File Server Hosts
Output Properties window has the following tabs:
- Access Analyzer 26 Tab, Access Analyzer 26 output only
- Log Files Tab, File output only
- Syslog Tab, Syslog output only
- Operations Tab
- Path Filtering Tab
- Protocols Tab
- Account Exclusions Tab
- Additional Properties Tab