Ga naar hoofdinhoud

Registry

Monitors Windows Registry on remote machines.

notitie

Overview

Connects to the registry on your network devices and checks specified keys and values. Supports HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER roots.

info

Use Cases

  • Selective Monitoring: Monitor specific keys and values while ignoring others.
  • Alerts on Changes: Receive alerts for missing or modified values or keys.

Monitoring Options

  • Root: Choose between HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER. For HKEY_CURRENT_USER, select all SIDs or individual users.
  • Key: Enter the registry key to monitor.
  • Value Name: Specify the value name to monitor.
  • Value Type: Define the data type of the value for comparison.

Connectivity Alerts

  • Device Contact: Alert with [Info/Warning/Error/Critical] if the device cannot be contacted.

Missing Key/Value Alerts

  • Missing Key: Alert if the specified key is missing.
  • Missing Value: Alert if the specified value is missing.

Value Comparison Alerts

  • Greater Than: Alert if the value is greater than a specified value (for DWORD types).

  • Less Than: Alert if the value is less than a specified value (for DWORD types).

  • Text Contains: Alert if the value contains specified text (for String types).

  • Text Not Contains: Alert if the value does not contain specified text (for String types).

  • Show Retrieved Value: Include the retrieved value in all notifications.

Authentication and Security

Ensure the account used for authentication has permission to search the registry and access monitored keys and values.

Protocols

Data Points

Generates various data points, including:

Sample Output

Sample Output