Adding a compliance program monitor in Microsoft System Center 2012 Operations Manager
In accordance with a compliance regulatory document, such as PCI DSS, it is required to monitor failed logon attempts that can be caused by a brute-force attack. In a brute-force attack, a script or program is used to guess a password by automatically trying different combinations of characters.
This recipe describes how to monitor and log this kind of compliance issue with Microsoft System Center 2012 Operations Manager.
Getting ready
To create a monitor in SCOM 2012, an installed and configured SCOM 2012 server is required. You must also review the Planning a compliance program for Microsoft System Center 2012 Operations Manager recipe in this chapter.
The configuration of the monitor in SCOM 2012 is stored in a management pack. Perform the following steps to create a new management pack for this recipe:
- Open the SCOM 2012 console.
- Navigate to Administration | Management Packs.
- Click on the Create Management...