{"id":1536,"date":"2018-02-07T12:32:06","date_gmt":"2018-02-07T03:32:06","guid":{"rendered":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/?p=1536"},"modified":"2023-02-21T11:08:08","modified_gmt":"2023-02-21T02:08:08","slug":"%e5%8f%8e%e9%9b%86%e3%81%97%e3%81%9f%e3%82%a4%e3%83%99%e3%83%b3%e3%83%88%e3%83%ad%e3%82%b0%e3%82%92%e5%a4%96%e9%83%a8%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%b8%e8%bb%a2%e9%80%81%e3%81%99%e3%82%8b","status":"publish","type":"post","link":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/?p=1536","title":{"rendered":"\u53ce\u96c6\u3057\u305f\u30c7\u30fc\u30bf\u3092\u5916\u90e8\u30b5\u30fc\u30d0\u30fc\u3078\u8ee2\u9001\u3059\u308b"},"content":{"rendered":"<p><b>\u5bfe\u8c61\u30d3\u30eb\u30c9\uff1a<\/b>5031\u4ee5\u4e0a<\/p>\n<p>\u30d3\u30eb\u30c95031\u3088\u308a\u3001ADAudit Plus\u304c\u53ce\u96c6\u3057\u305f\u30c7\u30fc\u30bf\u3092\u3001\u5916\u90e8\u30b5\u30fc\u30d0\u30fc\u3078\u8ee2\u9001\u3059\u308b\u6a5f\u80fd\u304c\u8ffd\u52a0\u3055\u308c\u307e\u3057\u305f\u3002<br \/>\n\u4ee5\u4e0b\u3067\u306f\u3001\u30c7\u30fc\u30bf\u306e\u8ee2\u9001\u3092\u6709\u52b9\u5316\u3059\u308b\u65b9\u6cd5\u3068\u5bfe\u8c61\u30ab\u30c6\u30b4\u30ea\u306b\u3064\u3044\u3066\u3054\u6848\u5185\u3057\u307e\u3059\u3002<\/p>\n<p>---------------------------------------------------------<\/p>\n<ul>\n<li><strong><a href=\"#syslog\">Syslog\u30b5\u30fc\u30d0\u30fc\u3078\u8ee2\u9001\u3059\u308b\u5834\u5408<\/a><\/strong><\/li>\n<li><strong><a href=\"#splunk\">Splunk\u30b5\u30fc\u30d0\u30fc\u3078\u8ee2\u9001\u3059\u308b\u5834\u5408<\/a><\/strong><\/li>\n<li><strong><a href=\"#arcsight\">ArcSight(CEF)\u30b5\u30fc\u30d0\u30fc\u3078\u8ee2\u9001\u3059\u308b\u5834\u5408<\/a><\/strong><\/li>\n<li><strong><a href=\"#category\">\u8ee2\u9001\u5bfe\u8c61\u3068\u306a\u308b\u30ab\u30c6\u30b4\u30ea<\/a><\/strong><\/li>\n<\/ul>\n<p>---------------------------------------------------------<\/p>\n<p>&nbsp;<\/p>\n<div class=\"point\">\n<p>ADAudit 
Plus\u306f\u30c7\u30fc\u30bf\u3092<strong>UTF-8<\/strong>\u3067\u30a8\u30f3\u30b3\u30fc\u30c9\u3057\u3066\u8ee2\u9001\u3057\u307e\u3059\u3002<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<h6><strong><a name=\"syslog\"><\/a><span style=\"font-size: large\">Syslog\u30b5\u30fc\u30d0\u30fc\u3078\u8ee2\u9001\u3059\u308b\u5834\u5408<\/span><\/strong><\/h6>\n<p>1\uff0e[ \u7ba1\u7406 ] &gt; [ SIEM\u7d71\u5408 ] \u3092\u30af\u30ea\u30c3\u30af\u3057\u307e\u3059<\/p>\n<p>2\uff0e[ ADAudit Plus\u30c7\u30fc\u30bf\u306e\u8ee2\u9001\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u6709\u52b9\u5316\u3059\u308b ] \u306b\u30c1\u30a7\u30c3\u30af\u3092\u5165\u308c\u307e\u3059<\/p>\n<p>3\uff0e[ Syslog\/SIEM ] \u3092\u9078\u629e\u3057\u307e\u3059<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: x-small\"><strong>\u25bc \u30af\u30ea\u30c3\u30af\u3067\u62e1\u5927\u3057\u307e\u3059<\/strong><\/span><\/p>\n<p><a href=\"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1537\" src=\"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem-300x87.png\" alt=\"\" width=\"760\" height=\"221\" srcset=\"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem-300x87.png 300w, https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem-1024x298.png 1024w, https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem.png 1563w\" sizes=\"auto, (max-width: 760px) 100vw, 760px\" \/><\/a><br \/>\n(1) Syslog\u30b5\u30fc\u30d0\u30fc\u306e\u30db\u30b9\u30c8\u540d\/IP\u30a2\u30c9\u30ec\u30b9\u3092\u5165\u529b\u3057\u307e\u3059<br \/>\n(2) Syslog\u30b5\u30fc\u30d0\u30fc\u304c\u30ea\u30c3\u30b9\u30f3\u3057\u3066\u3044\u308b\u30dd\u30fc\u30c8\u756a\u53f7\u3092\u5165\u529b\u3057\u307e\u3059<br \/>\n(3) 
\u4f7f\u7528\u3059\u308b\u30d7\u30ed\u30c8\u30b3\u30eb\u3092\u9078\u629e\u3057\u307e\u3059<br \/>\n(4) \u4f7f\u7528\u3059\u308b\u30ed\u30b0\u5f62\u5f0f\u3092\u9078\u629e\u3057\u307e\u3059<br \/>\n(5) \u30c7\u30fc\u30bf\u306e\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u3092\u30ab\u30b9\u30bf\u30de\u30a4\u30ba\u3057\u307e\u3059<\/p>\n<p>&nbsp;<\/p>\n<h6><strong><a name=\"splunk\"><\/a><span style=\"font-size: large\">Splunk\u30b5\u30fc\u30d0\u30fc\u3078\u8ee2\u9001\u3059\u308b\u5834\u5408<\/span><\/strong><\/h6>\n<p>1\uff0e[ \u7ba1\u7406 ] &gt; [ SIEM\u7d71\u5408 ] \u3092\u30af\u30ea\u30c3\u30af\u3057\u307e\u3059<\/p>\n<p>2\uff0e[ ADAudit Plus\u30c7\u30fc\u30bf\u306e\u8ee2\u9001\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u6709\u52b9\u5316\u3059\u308b ] \u306b\u30c1\u30a7\u30c3\u30af\u3092\u5165\u308c\u307e\u3059<\/p>\n<p>3\uff0e[ Splunk HTTP ] \u3092\u9078\u629e\u3057\u307e\u3059<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: x-small\"><strong>\u25bc \u30af\u30ea\u30c3\u30af\u3067\u62e1\u5927\u3057\u307e\u3059<\/strong><\/span><\/p>\n<p><a href=\"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem2.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1549\" src=\"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem2-300x70.png\" alt=\"\" width=\"760\" height=\"178\" srcset=\"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem2-300x70.png 300w, https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem2-1024x240.png 1024w, https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/siem2.png 1563w\" sizes=\"auto, (max-width: 760px) 100vw, 760px\" \/><\/a><br \/>\n(1) Splunk\u30b5\u30fc\u30d0\u30fc\u306e\u30db\u30b9\u30c8\u540d\/IP\u30a2\u30c9\u30ec\u30b9\u3092\u5165\u529b\u3057\u307e\u3059<br \/>\n(2) 
Splunk\u30b5\u30fc\u30d0\u30fc\u306eHTTP\u30a4\u30d9\u30f3\u30c8\u30b3\u30ec\u30af\u30bf\u30fc\u3067\u4f7f\u7528\u3059\u308b\u30dd\u30fc\u30c8\u756a\u53f7\u3092\u5165\u529b\u3057\u307e\u3059<br \/>\n(3) \u4f7f\u7528\u3059\u308b\u30d7\u30ed\u30c8\u30b3\u30eb\u3092\u9078\u629e\u3057\u307e\u3059<br \/>\n(4) Splunk\u30b5\u30fc\u30d0\u30fc\u306eHTTP\u30a4\u30d9\u30f3\u30c8\u30b3\u30ec\u30af\u30bf\u30fc\u3067SSL\u304c\u6709\u52b9\u5316\u3055\u308c\u3066\u3044\u308b\u5834\u5408\u306f\u300cTrue\u300d\u3001\u7121\u52b9\u5316\u3055\u308c\u3066\u3044\u308b\u5834\u5408\u306f\u300cFalse\u300d\u3092\u9078\u629e\u3057\u307e\u3059\uff08\u300cFalse\u300d\u306e\u5834\u5408\u3001\u30c7\u30fc\u30bf\u3068\u30c8\u30fc\u30af\u30f3\u306f\u6697\u53f7\u5316\u3055\u308c\u305a\u306b\u9001\u4fe1\u3055\u308c\u307e\u3059\uff09<br \/>\n(5) Splunk\u30b5\u30fc\u30d0\u30fc\u3067\u751f\u6210\u3055\u308c\u305fHTTP\u30a4\u30d9\u30f3\u30c8\u30b3\u30ec\u30af\u30bf\u30fc\u306e\u30c8\u30fc\u30af\u30f3\u3092\u5165\u529b\u3057\u307e\u3059<\/p>\n<p>&nbsp;<\/p>\n<h6><strong><a name=\"arcsight\"><\/a><span style=\"font-size: large\">ArcSight(CEF)\u30b5\u30fc\u30d0\u30fc\u3078\u8ee2\u9001\u3059\u308b\u5834\u5408<\/span><\/strong><\/h6>\n<p>1\uff0e[ \u7ba1\u7406 ] &gt; [ SIEM\u7d71\u5408 ] \u3092\u30af\u30ea\u30c3\u30af\u3057\u307e\u3059<\/p>\n<p>2\uff0e[ ADAudit Plus\u30c7\u30fc\u30bf\u306e\u8ee2\u9001\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u6709\u52b9\u5316\u3059\u308b ] \u306b\u30c1\u30a7\u30c3\u30af\u3092\u5165\u308c\u307e\u3059<\/p>\n<p>3\uff0e[ ArcSight(CEF) ] \u3092\u9078\u629e\u3057\u307e\u3059<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: x-small\"><strong>\u25bc \u30af\u30ea\u30c3\u30af\u3067\u62e1\u5927\u3057\u307e\u3059<\/strong><\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-1764\" src=\"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/cef.png\" alt=\"\" width=\"760\" height=\"126\" srcset=\"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/cef.png 1833w, https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/cef-500x83.png 500w, 
https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/wp-content\/uploads\/sites\/10\/cef-1024x169.png 1024w\" sizes=\"auto, (max-width: 760px) 100vw, 760px\" \/><\/p>\n<p>(1) ArcSight(CEF)\u30b5\u30fc\u30d0\u30fc\u306e\u30db\u30b9\u30c8\u540d\/IP\u30a2\u30c9\u30ec\u30b9\u3092\u5165\u529b\u3057\u307e\u3059<br \/>\n(2) ArcSight(CEF)\u30b5\u30fc\u30d0\u30fc\u306e\u30b3\u30ec\u30af\u30bf\u30fc\u3067\u4f7f\u7528\u3059\u308b\u30d7\u30ed\u30c8\u30b3\u30eb\u3092\u9078\u629e\u3057\u307e\u3059<br \/>\n(3) \u4f7f\u7528\u3059\u308b\u30d7\u30ed\u30c8\u30b3\u30eb\u3092\u9078\u629e\u3057\u307e\u3059<\/p>\n<p>&nbsp;<\/p>\n<h6><strong><a name=\"category\"><\/a><span style=\"font-size: large\">\u8ee2\u9001\u5bfe\u8c61\u3068\u306a\u308b\u30ab\u30c6\u30b4\u30ea<\/span><\/strong><\/h6>\n<table class=\"pdContent\" width=\"100%\" cellspacing=\"2px\">\n<tbody>\n<tr>\n<th class=\"table_decoration11\" width=\"60%\">\u30ab\u30c6\u30b4\u30ea\u540d<\/th>\n<th class=\"table_decoration11\" width=\"40%\">\u30ab\u30c6\u30b4\u30ea\u306e\u5225\u79f0<\/th>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">ADAP\u6280\u8853\u8005\u306e\u76e3\u67fb\u30ec\u30dd\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">ADAPTechnicianAudit<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30a2\u30e9\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">ADAPAlerts<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30e6\u30fc\u30b6\u30fc\u30ed\u30b0\u30aa\u30f3 \u30ec\u30dd\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">LogonReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30ed\u30fc\u30ab\u30eb \u30ed\u30b0\u30aa\u30f3\/\u30ed\u30b0\u30aa\u30d5<\/td>\n<td class=\"table_decoration10\">LocalLogonLogoffReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30a2\u30ab\u30a6\u30f3\u30c8\u4f5c\u6210<\/td>\n<td class=\"table_decoration10\">ObjectCreationReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30e6\u30fc\u30b6\u30fc\u7ba1\u7406<\/td>\n<td 
class=\"table_decoration10\">UserMgmtReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30b0\u30eb\u30fc\u30d7\u7ba1\u7406<\/td>\n<td class=\"table_decoration10\">GroupMgmtReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u30fc\u7ba1\u7406<\/td>\n<td class=\"table_decoration10\">ComputerMgmtReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30dd\u30ea\u30b7\u30fc\u5909\u66f4<\/td>\n<td class=\"table_decoration10\">PolicyChangeReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u7d44\u7e54\u5358\u4f4d(OU)\u306e\u5909\u66f4<\/td>\n<td class=\"table_decoration10\">OUMgmtReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">GPO\u7ba1\u7406<\/td>\n<td class=\"table_decoration10\">GPOMgmtReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30d5\u30a1\u30a4\u30eb\u76e3\u67fb\u30ec\u30dd\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">FileAuditReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">\u30b5\u30fc\u30d0\u76e3\u67fb\u30ec\u30dd\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">ServerAuditReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">NPS\u76e3\u67fb\u30ec\u30dd\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">NPSAuditReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">FIM\u30ec\u30dd\u30fc\u30c8\u3001\u30ea\u30e0\u30fc\u30d0\u30d6\u30eb\u30b9\u30c8\u30ec\u30fc\u30b8\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5171\u6709\u76e3\u67fb<\/td>\n<td class=\"table_decoration10\">FIMAuditReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">AD\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u30ec\u30dd\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">ADObjectsAuditReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">DNS\u76e3\u67fb\u30ec\u30dd\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">DNSAuditReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">ADFS\u306e\u76e3\u67fb\u30ec\u30dd\u30fc\u30c8<\/td>\n<td 
class=\"table_decoration10\">ADFSReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">LDAP\u76e3\u67fb<\/td>\n<td class=\"table_decoration10\">LDAPReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">AzureAD\u306e\u30ed\u30b0\u30aa\u30f3\u30ec\u30dd\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">AzureADLogonReports<\/td>\n<\/tr>\n<tr>\n<td class=\"table_decoration10\">AzureAD\u306e\u7ba1\u7406\u30ec\u30dd\u30fc\u30c8<\/td>\n<td class=\"table_decoration10\">AzureADAccountMgmtReports<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>\u4ee5\u4e0a\u3067\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u5bfe\u8c61\u30d3\u30eb\u30c9\uff1a5031\u4ee5\u4e0a \u30d3\u30eb\u30c95031\u3088\u308a\u3001ADAudit Plus\u304c\u53ce\u96c6\u3057\u305f\u30c7\u30fc\u30bf\u3092\u3001\u5916\u90e8\u30b5\u30fc\u30d0\u30fc\u3078\u8ee2\u9001\u3059\u308b\u6a5f\u80fd\u304c\u8ffd\u52a0\u3055\u308c\u307e\u3057\u305f\u3002 \u4ee5\u4e0b\u3067\u306f\u3001\u30c7\u30fc\u2026 <a href=\"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/?p=1536\" 
class=\"more\">\uff3b\u7d9a\u304d\u3092\u8aad\u3080\uff3d<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[5],"tags":[126,158,157,155,156],"class_list":["post-1536","post","type-post","status-publish","format-standard","hentry","category-design-adap","tag-all","tag-forward","tag-siem","tag-splunk","tag-syslog"],"modified_by":null,"_links":{"self":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=\/wp\/v2\/posts\/1536","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1536"}],"version-history":[{"count":26,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=\/wp\/v2\/posts\/1536\/revisions"}],"predecessor-version":[{"id":3247,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=\/wp\/v2\/posts\/1536\/revisions\/3247"}],"wp:attachment":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1536"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1536"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ADAudit_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post
=1536"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}