Configuring Threat Detection in Change Auditor

OK. We're going take a look at how to configure the threat detection appliance with Change Auditor. I already have the threat detection appliance imported in to a VMware environment. And now we're going to connect to Change Auditor, and we will take a look at how to configure threat detection. OK, first thing. Let's see. I have this connected to a couple DCs. We need to go into View, Administration. From here, you'll see a threat detection configuration section. We need to put in the server name. I'm using the fully qualified domain name, so td.acme.lab. I think the main thing here is that it can resolve the name to an IP address. For example, td.acme.lab resolves to the threat detection appliance. But my domain is actually quest.com or quest.local. Type in a password. This is the password that you configured when importing in the appliance via vCenter Server. We're going to have a build activity based on past events. I click on Apply Changes. And that's all we need to do in order to configure the threat detection appliance with the new version of Change Auditor. If we hit refresh, you can see that the events are coming in. So we can see the last time it collected some events. We can also see the last [? heartbeat ?] time. Keep in mind that these times right here are in UTC time, so on the Pacific time. So it's 10:41 down here. But these are all in UTC time. And that's about it. To learn more about Change Auditor and the solutions it integrates with, please visit us online.