diff --git a/docs/auditor/10.8/admin/alertsettings/create/create.md b/docs/auditor/10.8/admin/alertsettings/create/create.md
index b55eb21002..09997e892b 100644
--- a/docs/auditor/10.8/admin/alertsettings/create/create.md
+++ b/docs/auditor/10.8/admin/alertsettings/create/create.md
@@ -23,7 +23,7 @@ Follow the steps to create a custom alert.
**Step 1 –** On the main Auditor page, click the Alert settings link under the Configuration section
on the left:
-
+
See the [Navigation](/docs/auditor/10.8/admin/navigation/overview.md) topic for additional information.
@@ -33,7 +33,7 @@ See the [Navigation](/docs/auditor/10.8/admin/navigation/overview.md) topic for
| --------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| General | - Specify a name and enter the description for the new alert.
**NOTE:** Make sure that the Send alert when the action occurs option is enabled. Otherwise, the new alert will be disabled. - Email subject — Specify the subject of the email. It is possible to insert variables into the subject line. You can choose between "_Who_", "_What_" and"_Where_" variables. Consider the following:
- Only one variable of each type can be added
- You need to cut off the full path from the object names in "_What_" alert and leave only the actual name. For example, "_\com\Corp\Users\Departments\IT\Username_" should be just "_Username_". If you want to get back to the default Email subject line, click the **Restore Default** button.
- Apply tags — Create a set of tags to more efficiently identify and sort your alerts. Select Edit under Apply tags to associate tags with your alert. Later, you can quickly find an alert of interest using Filter by tags in the upper part of the All Alerts window. To see a full list of alerts ever created in the product, navigate to Settings > Tags.
|
| Recipients | Select alert recipients. Click Add Recipient and select alert delivery type: - Email — Specify the email address where notifications will be delivered. You can add as many recipients as necessary.
**_RECOMMENDED:_** click **Send Test Email**. The system will send a test message to the specified email address and inform you if any problems are detected. - SMS-enabled email — Netwrix uses the sms gateway technology to deliver notifications to a phone number assigned to a dedicated email address. Specify email address to receive SMS notifications. Make sure that your carrier supports sms to email gateway technology.
|
-| Filters | Apply a set of filters to narrow events that trigger a new alert. Alerts use the same interface and logic as search. - Filter — Select general type of filter (e.g., "Who", "Data Source", "Monitoring plan", etc.)
- Operator — Configure match types for selected filter (e.g., "Equals", "Does not contain", etc.)
- Value — Specify filter value. See the [View and Search Collected Data](/docs/auditor/10.8/admin/search/overview.md) topic for additional information on how to create and modify filters. The Filters section contains required fields highlighted with red. Once you completed all filters, click Preview on the right pane to see search-based list of events that will trigger your alert. 
|
+| Filters | Apply a set of filters to narrow events that trigger a new alert. Alerts use the same interface and logic as search. - Filter — Select general type of filter (e.g., "Who", "Data Source", "Monitoring plan", etc.)
- Operator — Configure match types for selected filter (e.g., "Equals", "Does not contain", etc.)
- Value — Specify filter value. See the [View and Search Collected Data](/docs/auditor/10.8/admin/search/overview.md) topic for additional information on how to create and modify filters. The Filters section contains required fields highlighted with red. Once you completed all filters, click Preview on the right pane to see search-based list of events that will trigger your alert. 
|
| Thresholds | If necessary, enable threshold to trigger the new alert. In this case, a single alert will be sent instead of many alerts. This can be helpful when Auditor detects many activity records matching the filters you specified. Slide the switch under the Send alert when the threshold is exceeded option and configure the following: - Limit alerting to activity records with the same... — Select a filter in the drop-down list (e.g., who). Note that, Auditor will search for activity records with the same value in the filter you selected. Only alerts grouped by the Who parameter can be included in the Behavior Anomalies list. Mind that in this case, the product does not summarize risk scores and shows the value you associated with this alert. This may significantly reduce risk score accuracy.
- Send alert for `<...>` activity records within `<...>` seconds — Select a number of changes that occurred in a given period (in seconds). For example, you want to receive an alert on suspicious activity. You select "_Action_" in the Limit alerting to activity records with the same list and specify a number of actions to be considered an unexpected behavior: _1000_ changes in _60_ seconds. When the selected threshold exceeded, an alert will be delivered to the specified recipients: one for every 1000 removals in 60 seconds, one for every 1000 failed removals in 60 seconds. So you can easily discover what is going on in your IT infrastructure.
|
| Risk Score | - Slide the switch to On under Include this alert in Behavior Anomalies assessment. See the [Behavior Anomalies](/docs/auditor/10.8/admin/behavioranomalies/overview.md) topic for additional information.
- Associate a risk score with the alert — Assign a risk score based on the type of anomaly and the severity of the deviation from the normal behavior. An action's risk score is a numerical value from 1 (Low) to 100 (High) that designates the level of risk with 100 being the riskiest and 1 the least risky. These are general guidelines you can adopt when setting a risk score:
- High score — Assign to an action that requires your immediate response (e.g., adding account to a privileged group). Configure a non-threshold alert with email recipients.
- Above medium score — Assign to a repetitive action occurring during a short period of time. While a standalone action is not suspicious, multiple actions merit your attention (e.g., mass deletions from a SharePoint site). Configure a threshold-based alert with email recipients.
- Low score — Assign to an infrequent action. While a single action is safe, multiple occurrences aggregated over a long period of time may indicate a potential in-house bad actor (e.g., creation of potentially harmful files on a file share). Configure a non-threshold alert, email recipients are optional but make sure to regularly review the Behavior Anomalies dashboard.
- Low score — Assign to a repetitive action that does not occur too often (e.g., rapid logons). Multiple occurrences of action sets may indicate a potential in-house bad actor or account compromise. Configure a threshold-based alert, email recipients are optional but make sure to regularly review the Behavior Anomalies dashboard.
|
| Response Action | You can instruct Auditor to perform a response action when the alert occurs — for example, start an executable file (command, batch file, or other) that will remediate the issue, or open a ticket with the help desk, and so on. For that, you will need an executable file stored locally on the Auditor server. Slide the switch to turn the feature **ON**, and see the [Configure a Response Action for Alert](/docs/auditor/10.8/admin/alertsettings/responseaction.md) topic for additional information. |
diff --git a/docs/auditor/10.8/admin/alertsettings/create/createhealthstatus.md b/docs/auditor/10.8/admin/alertsettings/create/createhealthstatus.md
index 2fd65dee82..6141aa461e 100644
--- a/docs/auditor/10.8/admin/alertsettings/create/createhealthstatus.md
+++ b/docs/auditor/10.8/admin/alertsettings/create/createhealthstatus.md
@@ -54,7 +54,7 @@ inclusive filter.
**Step 12 –** Click Save to save your changes.
-
+
If an event occurs that triggers an alert, an email notification will be sent immediately to the
specified recipients.
diff --git a/docs/auditor/10.8/admin/alertsettings/dashboard.md b/docs/auditor/10.8/admin/alertsettings/dashboard.md
index 91eb416b29..7400461740 100644
--- a/docs/auditor/10.8/admin/alertsettings/dashboard.md
+++ b/docs/auditor/10.8/admin/alertsettings/dashboard.md
@@ -23,13 +23,13 @@ The dashboard includes the following widgets:
- Alerts timeline – Shows the number of alerts triggered at the specific day.
- Recent alerts – Shows all the triggered alerts in chronological order.
-
+
Clicking any tile except for Risk score by top 5 users drills down to the Alert history dashboard
that provides users with the detailed information about the latest alerts triggered in their IT
infrastructure enriched with the actionable chart and timeline.
-
+
Review detailed information about the triggered alerts and change anomaly status. See the
[Review User Profiles and Process Anomalies](/docs/auditor/10.8/admin/behavioranomalies/userprofile.md) topic for
diff --git a/docs/auditor/10.8/admin/alertsettings/overview.md b/docs/auditor/10.8/admin/alertsettings/overview.md
index 0dc4dc0bf8..06068ae90e 100644
--- a/docs/auditor/10.8/admin/alertsettings/overview.md
+++ b/docs/auditor/10.8/admin/alertsettings/overview.md
@@ -24,14 +24,14 @@ Review the following to take advantage of the Alerts functionality:
The example alert is triggered when a new user is created in the monitored domain.
-
+
## Tags
Netwrix Auditor allows you to apply tags when creating an alert. Applying tags to alerts allows you
to distinguish one alert from another or create groups of similar alerts.
-
+
The Tags page contains a complete list of alerts that were created in the product. Currently, you
cannot assign or create tags on this page.
diff --git a/docs/auditor/10.8/admin/alertsettings/responseaction.md b/docs/auditor/10.8/admin/alertsettings/responseaction.md
index 0c811d4ba0..5001e972c4 100644
--- a/docs/auditor/10.8/admin/alertsettings/responseaction.md
+++ b/docs/auditor/10.8/admin/alertsettings/responseaction.md
@@ -10,7 +10,7 @@ Upon the alert triggering, you can instruct Auditor to perform several actions s
command, a script or other executable file that will perform a remediation action, open a ticket
with the organization help desk, etc.
-
+
Response Action settings contain the following configuration options:
@@ -43,7 +43,7 @@ Use space character as a separator.
**Step 4 –** To run _.exe_, _.cmd_ and _.bat_ files, you can enter the path to your command-line or
batch file directly in the Run field, for example:
-
+
To run the ._ps1_ files, you will need to enter the path to _powershell.exe_ and path to your
script. For example:
@@ -51,7 +51,7 @@ script. For example:
- In the Run field, enter _C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe_
- In the With parameters field, enter `–File `
-
+
Unless you select to Write data to CSV file, Auditor will also pass the following parameters to the
command line:
diff --git a/docs/auditor/10.8/admin/behavioranomalies/dashboard.md b/docs/auditor/10.8/admin/behavioranomalies/dashboard.md
index e88f772e4b..36c892eb5e 100644
--- a/docs/auditor/10.8/admin/behavioranomalies/dashboard.md
+++ b/docs/auditor/10.8/admin/behavioranomalies/dashboard.md
@@ -18,10 +18,10 @@ access them instantly. See the [Navigation](/docs/auditor/10.8/admin/navigation/
To review the Behavior Anomalies dashboard:
On the main Auditor page, click
-
+
on the left.
-
+
The dashboards includes the following sections:
diff --git a/docs/auditor/10.8/admin/behavioranomalies/userprofile.md b/docs/auditor/10.8/admin/behavioranomalies/userprofile.md
index 0b0ce05370..751ccd05b2 100644
--- a/docs/auditor/10.8/admin/behavioranomalies/userprofile.md
+++ b/docs/auditor/10.8/admin/behavioranomalies/userprofile.md
@@ -13,7 +13,7 @@ To view a user profile
- On the Behavior Anomalies assessment dashboard, locate a user and click View Profile next to his
or her name.
-
+
The user profile page contains the following sections:
@@ -48,7 +48,7 @@ To change an anomaly status
You can add comments without changing a status. This might be helpful if the anomaly remains
active for a long period of time and you need even more time to examine it closely.
-
+
Once the anomaly is reviewed, it disappears from the timeline and chart, and its associated risk
score is taken from user's total score. The reviewed anomalies supplement the status with the
diff --git a/docs/auditor/10.8/admin/compliancemappings.md b/docs/auditor/10.8/admin/compliancemappings.md
index 3a24e44e4d..fb8793397d 100644
--- a/docs/auditor/10.8/admin/compliancemappings.md
+++ b/docs/auditor/10.8/admin/compliancemappings.md
@@ -13,4 +13,4 @@ opens the page on the Netwrix website. Here you can review a brief description o
standard supported by the product and download E book containing detailed requirements for the
standards.
-
+
diff --git a/docs/auditor/10.8/admin/healthstatus/dashboard/activityrecordstatistics.md b/docs/auditor/10.8/admin/healthstatus/dashboard/activityrecordstatistics.md
index 45a46a6e17..f5ac25202f 100644
--- a/docs/auditor/10.8/admin/healthstatus/dashboard/activityrecordstatistics.md
+++ b/docs/auditor/10.8/admin/healthstatus/dashboard/activityrecordstatistics.md
@@ -13,7 +13,7 @@ generation intensity in your IT infrastructure, and product load.
After you click View details, the Activity Records Statistics window will be displayed.
-
+
By default, statistics on activity records processing is grouped by Monitoring plan and presented
for the Last 7 days. To modify the timeframe, use the drop-down list in the upper right corner.
diff --git a/docs/auditor/10.8/admin/healthstatus/dashboard/databasestatistics.md b/docs/auditor/10.8/admin/healthstatus/dashboard/databasestatistics.md
index a27b837221..9879ce58ad 100644
--- a/docs/auditor/10.8/admin/healthstatus/dashboard/databasestatistics.md
+++ b/docs/auditor/10.8/admin/healthstatus/dashboard/databasestatistics.md
@@ -17,7 +17,7 @@ Transaction logs size is not included in the calculations.
After you click View details, the following information will be displayed for the specified SQL
Server instance:
-
+
The Database name column contains the list of Netwrix Auditor databases hosted by the specified
instance of the SQL Server:
@@ -39,7 +39,7 @@ The following capacity metrics are displayed for each database:
After you expand the database node, the detailed database properties will be shown:
-
+
These properties are as follows:
diff --git a/docs/auditor/10.8/admin/healthstatus/dashboard/healthlog.md b/docs/auditor/10.8/admin/healthstatus/dashboard/healthlog.md
index 14fbc5d956..45c903bad7 100644
--- a/docs/auditor/10.8/admin/healthstatus/dashboard/healthlog.md
+++ b/docs/auditor/10.8/admin/healthstatus/dashboard/healthlog.md
@@ -17,7 +17,7 @@ System Health log**. Then, follow the instructions provided by Microsoft. See th
for additional information on
[How to Clear Event Logs](https://learn.microsoft.com/en-us/host-integration-server/core/how-to-clear-event-logs1).
-
+
## Netwrix Auditor System Health Log
@@ -87,6 +87,6 @@ Follow the steps to filter events.
| Item name | Select to display events from the certain item(s) you need. |
| Event ID | Enter event ID number or range of event IDs separated by commas. For example, 1, 3, 5-99. You can also exclude unwanted event IDs from being displayed. Type the minus sign before selected event ID. For example, -76. |
-
+
The applied filters will be listed on the top of the screen under the window title.
diff --git a/docs/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview.md b/docs/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview.md
index 7598d4122c..4018e04207 100644
--- a/docs/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview.md
+++ b/docs/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview.md
@@ -19,7 +19,7 @@ displays current statuses of all monitoring plans:
After you click View details, the Monitoring Overview window will be displayed.
-
+
It provides the hierarchical list of monitoring plans, processed data sources and corresponding
items with their current status and date/time of the last data processing session. For data sources
diff --git a/docs/auditor/10.8/admin/healthstatus/dashboard/overview.md b/docs/auditor/10.8/admin/healthstatus/dashboard/overview.md
index 189709ccf8..dc61aebaf7 100644
--- a/docs/auditor/10.8/admin/healthstatus/dashboard/overview.md
+++ b/docs/auditor/10.8/admin/healthstatus/dashboard/overview.md
@@ -39,7 +39,7 @@ The dashboard includes the following widgets:
[System Health](/docs/auditor/10.8/requirements/longtermarchive.md#system-health) topic for additional
information.
-
+
You can also instruct Netwrix Auditor to forward similar statistics as a health summary email to
personnel in charge. For that, click Notification settings, then follow the steps described in the
diff --git a/docs/auditor/10.8/admin/healthstatus/selfaudit.md b/docs/auditor/10.8/admin/healthstatus/selfaudit.md
index 28b012d747..5d19d6afea 100644
--- a/docs/auditor/10.8/admin/healthstatus/selfaudit.md
+++ b/docs/auditor/10.8/admin/healthstatus/selfaudit.md
@@ -14,7 +14,7 @@ workflows adopted by our organization.
The corresponding option is available on the General tab of Netwrix AuditorSettings. By default, the
**Collect data for self-audit checkbox** is selected (enabled).
-
+
### Search for Self-audit Results
@@ -28,7 +28,7 @@ Follow the steps to search for self-audit results.
**Step 3 –** Click Search to review results:
-
+
**NOTE:** After reviewing your search results, apply filters to narrow your data. See the
[View Reports](/docs/auditor/10.8/admin/reports/view.md) topic for additional information.
@@ -48,7 +48,7 @@ Follow the steps to review the Self-audit report.
**Step 2 –** Select the Netwrix Auditor Self-Audit report and click View.
-
+
## Netwrix Auditor Self-Audit Scope
diff --git a/docs/auditor/10.8/admin/healthstatus/summaryemail.md b/docs/auditor/10.8/admin/healthstatus/summaryemail.md
index 8ed69815f9..c99eb126f3 100644
--- a/docs/auditor/10.8/admin/healthstatus/summaryemail.md
+++ b/docs/auditor/10.8/admin/healthstatus/summaryemail.md
@@ -18,7 +18,7 @@ red means there were some problems that require your attention.
The email looks like shown below:
-
+
The Monitoring Overview section of the email provides detail information only for the monitoring
plans with issues. Successfully completed monitoring plans are not included.
diff --git a/docs/auditor/10.8/admin/monitoringplans/activedirectory/overview.md b/docs/auditor/10.8/admin/monitoringplans/activedirectory/overview.md
index 89da8d3ddf..e65f8c5266 100644
--- a/docs/auditor/10.8/admin/monitoringplans/activedirectory/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/activedirectory/overview.md
@@ -34,7 +34,7 @@ Complete the following fields:
| Objects | |
| Specify monitoring restrictions | Specify restrictions for the objects to monitor in your Active Directory. Use them to create the lists of specific objects to include and / or exclude from the monitoring scope (and, therefore, search results, reports and Activity Summaries). The following options are available: - Monitor all objects - **Include these objects** - **Exclude these objects** To create a list of inclusions / exclusions, click Add and enter object path using one of the following formats: - Canonical name, for example: _mydomain.local/Computers/filesrv01_ OR - Object path as shown in the "_What_" column of reports and search results, for example: _\local\mydomain\Computers\filesrv01_ You can use a wildcard (\*) to replace any number of characters in the path. See the examples below for more information. |
-
+
Examples
@@ -128,7 +128,7 @@ Follow the steps to use Netwrix Privilege Secure as an account for data collect
**Step 2 –** In the item configuration menu, select Netwrix Privilege Secure as an option for data
collection.
-
+
**Step 3 –** Select the type of the Access Policy you want to use in Netwrix Privilege Secure.
Credential-based is the default option. Refer to the
@@ -141,7 +141,7 @@ and to which Netwrix Auditor has the access through a Credential-based access po
**NOTE:** Netwrix recommends using different credentials for different monitoring plans and data
sources.
-
+
The second option is Resource-based. To use this option, you need to provide the Activity and
Resource names, assigned to Netwrix Auditor in the corresponding Resource-based policy. Make sure
diff --git a/docs/auditor/10.8/admin/monitoringplans/activitysummaryemail.md b/docs/auditor/10.8/admin/monitoringplans/activitysummaryemail.md
index ece7a22b02..b5f3ba4bcb 100644
--- a/docs/auditor/10.8/admin/monitoringplans/activitysummaryemail.md
+++ b/docs/auditor/10.8/admin/monitoringplans/activitysummaryemail.md
@@ -17,7 +17,7 @@ different and do not show changes.
The following Activity Summary example applies to Active Directory. Other Activity Summaries
generated and delivered by Netwrix Auditor will vary slightly depending on the data source.
-
+
The example Activity Summary provides the following information on Active Directory changes:
diff --git a/docs/auditor/10.8/admin/monitoringplans/create.md b/docs/auditor/10.8/admin/monitoringplans/create.md
index 7175441f3b..a47b06b892 100644
--- a/docs/auditor/10.8/admin/monitoringplans/create.md
+++ b/docs/auditor/10.8/admin/monitoringplans/create.md
@@ -35,12 +35,12 @@ data.
## Settings for Data Collection
-
+
At this step of the wizard, specify the account that Auditor will use to access the data source, and
general settings for data collection.
-
+
| Option | Description |
| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -115,7 +115,7 @@ You can use default settings for your SQL Server instance or modify them (e.g.,
authentication method or user). You can also change these settings later. See the
[Audit Database](/docs/auditor/10.8/admin/settings/auditdatabase.md) topic for additional information.
-
+
Configure the following:
diff --git a/docs/auditor/10.8/admin/monitoringplans/dataaccounts.md b/docs/auditor/10.8/admin/monitoringplans/dataaccounts.md
index 1f9e6ae6df..d781e2bba5 100644
--- a/docs/auditor/10.8/admin/monitoringplans/dataaccounts.md
+++ b/docs/auditor/10.8/admin/monitoringplans/dataaccounts.md
@@ -76,7 +76,7 @@ Follow the steps to update credentials for the accounts used by Auditor:
**Step 5 –** Review the account configuration scope and click **Update password** next to this
account.
-
+
**Step 6 –** Save your edits.
diff --git a/docs/auditor/10.8/admin/monitoringplans/datasources.md b/docs/auditor/10.8/admin/monitoringplans/datasources.md
index 6c00323468..9fd1272ee5 100644
--- a/docs/auditor/10.8/admin/monitoringplans/datasources.md
+++ b/docs/auditor/10.8/admin/monitoringplans/datasources.md
@@ -27,7 +27,7 @@ Follow the steps to modify data source settings.
**Step 2 –** Within the monitoring plan window, highlight the data source (the first one is the row
right under the blue table header) and click Edit data source on the right:
-
+
**Step 3 –** Modify data source settings as you need.
diff --git a/docs/auditor/10.8/admin/monitoringplans/delegation.md b/docs/auditor/10.8/admin/monitoringplans/delegation.md
index 0ded923aa9..cbbe757123 100644
--- a/docs/auditor/10.8/admin/monitoringplans/delegation.md
+++ b/docs/auditor/10.8/admin/monitoringplans/delegation.md
@@ -14,7 +14,7 @@ To keep the monitoring process secure, Netwrix suggests configuring role-based a
control ensures that only appropriate users can modify the product configuration or view audit data,
based on your company policies and the user's job responsibilities.
-
+
Roles are described briefly in the table below and explained in detail in the next topic.
diff --git a/docs/auditor/10.8/admin/monitoringplans/exchangeonline/overview.md b/docs/auditor/10.8/admin/monitoringplans/exchangeonline/overview.md
index b5555845ca..fcc8005c98 100644
--- a/docs/auditor/10.8/admin/monitoringplans/exchangeonline/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/exchangeonline/overview.md
@@ -50,7 +50,7 @@ Follow the steps to configure Office 365 tenant as a monitored item.
[Using Modern Authentication with Microsoft Entra ID](/docs/auditor/10.8/configuration/microsoft365/microsoftentraid/permissions/modernauth/modernauth.md)
topic for additional information.
-
+
If you are using a government tenant, please click the **Tenant Environment** tab and select the
desired tenant environment.
@@ -82,7 +82,7 @@ desired tenant environment.
**Step 3 –** Click the **Add** button.
-
+
You can use a single account to collect audit data for different Office 365 services (Microsoft
Entra ID, Exchange Online, SharePoint Online); however, Netwrix recommends that you specify
diff --git a/docs/auditor/10.8/admin/monitoringplans/fileservers/overview.md b/docs/auditor/10.8/admin/monitoringplans/fileservers/overview.md
index 0296ad5fae..cb9741be3f 100644
--- a/docs/auditor/10.8/admin/monitoringplans/fileservers/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/fileservers/overview.md
@@ -117,7 +117,7 @@ Complete the following fields:
To audit all file shares, under Specify monitoring restrictions, select Monitor all file shares in
the array.
-
+
You can also create lists of specific file shares to include and/or exclude from being audited.
@@ -169,7 +169,7 @@ to the specified shared folder, its subfolders and files.
- All actions — Exclude all actions of the selected users
- These actions — Use the drop-down list to select the actions to exclude, e.g. _Added_ and _Moved_.
-
+
**Step 3 –** After configuring all filters, click **Add** to save them and return to the item
settings.
@@ -247,7 +247,7 @@ to the specified shared folder, its subfolders and files.
- All actions — Exclude all actions of the selected users
- These actions — Use the drop-down list to select the actions to exclude, e.g. _Added_ and _Moved_.
-
+
**Step 3 –** After configuring all filters, click **Add** to save them and return to the item
settings.
@@ -325,7 +325,7 @@ to the specified shared folder, its subfolders and files.
- All actions — Exclude all actions of the selected users
- These actions — Use the drop-down list to select the actions to exclude, e.g. _Added_ and _Moved_.
-
+
**Step 3 –** After configuring all filters, click **Add** to save them and return to the item
settings.
@@ -440,7 +440,7 @@ to the specified shared folder, its subfolders and files.
- All actions — Exclude all actions of the selected users
- These actions — Use the drop-down list to select the actions to exclude, e.g. _Added_ and _Moved_.
-
+
**Step 3 –** After configuring all filters, click **Add** to save them and return to the item
settings.
diff --git a/docs/auditor/10.8/admin/monitoringplans/fileservers/scope.md b/docs/auditor/10.8/admin/monitoringplans/fileservers/scope.md
index 2413dd0c2c..a2e3350fb4 100644
--- a/docs/auditor/10.8/admin/monitoringplans/fileservers/scope.md
+++ b/docs/auditor/10.8/admin/monitoringplans/fileservers/scope.md
@@ -85,7 +85,7 @@ to the specified shared folder, its subfolders and files.
- All actions — Exclude all actions of the selected users
- These actions — Use the drop-down list to select the actions to exclude, e.g. _Added_ and _Moved_.
-
+
**Step 3 –** After configuring all filters, click **Add** to save them and return to the item
settings.
diff --git a/docs/auditor/10.8/admin/monitoringplans/fileservers/windowsfileserver.md b/docs/auditor/10.8/admin/monitoringplans/fileservers/windowsfileserver.md
index ee05a6068a..daef83a007 100644
--- a/docs/auditor/10.8/admin/monitoringplans/fileservers/windowsfileserver.md
+++ b/docs/auditor/10.8/admin/monitoringplans/fileservers/windowsfileserver.md
@@ -63,7 +63,7 @@ to the specified shared folder, its subfolders and files.
- All actions — Exclude all actions of the selected users
- These actions — Use the drop-down list to select the actions to exclude, e.g. _Added_ and _Moved_.
-
+
**Step 3 –** After configuring all filters, click **Add** to save them and return to the item
settings.
@@ -143,7 +143,7 @@ By default, both user activity and state-in-time data will be collected for the
However, you can narrow your monitoring scope by specifying certain locations, user accounts or
actions to exclude .
-
+
Click Add Exclusion, then follow the steps in the Specify Filters dialog:
@@ -177,7 +177,7 @@ Follow the steps to exclude specific user activity.
- All actions — Exclude all actions of the selected users
- These actions — Use the drop-down list to select the actions to exclude, e.g. _Added_ and _Moved_
-
+
After configuring all filters, click **Add** to save them and return to the item settings.
@@ -197,7 +197,7 @@ Follow the steps to use Netwrix Privilege Secure as an account for data collect
**Step 2 –** In the item configuration menu, select Netwrix Privilege Secure as an option for data
collection.
-
+
**Step 3 –** Select the type of the Access Policy you want to use in Netwrix Privilege Secure.
Credential-based is the default option. Refer to the
@@ -210,7 +210,7 @@ and to which Netwrix Auditor has the access through a Credential-based access po
**NOTE:** Netwrix recommends using different credentials for different monitoring plans and data
sources.
-
+
The second option is Resource-based. To use this option, you need to provide the Activity and
Resource names, assigned to Netwrix Auditor in the corresponding Resource-based policy. Make sure
diff --git a/docs/auditor/10.8/admin/monitoringplans/grouppolicy/overview.md b/docs/auditor/10.8/admin/monitoringplans/grouppolicy/overview.md
index ecf833ea5e..5c816ec5e3 100644
--- a/docs/auditor/10.8/admin/monitoringplans/grouppolicy/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/grouppolicy/overview.md
@@ -59,7 +59,7 @@ Follow the steps to use Netwrix Privilege Secure as an account for data collect
**Step 2 –** In the item configuration menu, select Netwrix Privilege Secure as an option for data
collection.
-
+
**Step 3 –** Select the type of the Access Policy you want to use in Netwrix Privilege Secure.
Credential-based is the default option. Refer to the
@@ -72,7 +72,7 @@ and to which Netwrix Auditor has the access through a Credential-based access po
**NOTE:** Netwrix recommends using different credentials for different monitoring plans and data
sources.
-
+
The second option is Resource-based. To use this option, you need to provide the Activity and
Resource names, assigned to Netwrix Auditor in the corresponding Resource-based policy. Make sure
diff --git a/docs/auditor/10.8/admin/monitoringplans/logonactivity/overview.md b/docs/auditor/10.8/admin/monitoringplans/logonactivity/overview.md
index bad488ba36..ef55f3d07a 100644
--- a/docs/auditor/10.8/admin/monitoringplans/logonactivity/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/logonactivity/overview.md
@@ -61,7 +61,7 @@ Follow the steps to use Netwrix Privilege Secure as an account for data collect
**Step 2 –** In the item configuration menu, select Netwrix Privilege Secure as an option for data
collection.
-
+
**Step 3 –** Select the type of the Access Policy you want to use in Netwrix Privilege Secure.
Credential-based is the default option. Refer to the
@@ -74,7 +74,7 @@ and to which Netwrix Auditor has the access through a Credential-based access po
**NOTE:** Netwrix recommends using different credentials for different monitoring plans and data
sources.
-
+
The second option is Resource-based. To use this option, you need to provide the Activity and
Resource names, assigned to Netwrix Auditor in the corresponding Resource-based policy. Make sure
diff --git a/docs/auditor/10.8/admin/monitoringplans/microsoftentraid/overview.md b/docs/auditor/10.8/admin/monitoringplans/microsoftentraid/overview.md
index 9f724841b7..2f7f7a72f9 100644
--- a/docs/auditor/10.8/admin/monitoringplans/microsoftentraid/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/microsoftentraid/overview.md
@@ -79,7 +79,7 @@ Follow the steps to configure Office 365 tenant as a monitored item.
[Using Modern Authentication with Microsoft Entra ID](/docs/auditor/10.8/configuration/microsoft365/microsoftentraid/permissions/modernauth/modernauth.md)
topic for additional information.
-
+
If you are using a government tenant, please click the **Tenant Environment** tab and select the
desired tenant environment.
@@ -111,7 +111,7 @@ desired tenant environment.
**Step 3 –** Click the **Add** button.
-
+
You can use a single account to collect audit data for different Office 365 services (Microsoft
Entra ID, Exchange Online, SharePoint Online); however, Netwrix recommends that you specify
@@ -139,7 +139,7 @@ Follow the steps to use Netwrix Privilege Secure as an account for data collect
**Step 2 –** In the item configuration menu, select Netwrix Privilege Secure as an option for data
collection.
-
+
**Step 3 –** Select the type of the Access Policy you want to use in Netwrix Privilege Secure.
Credential-based is the default option. Refer to the
@@ -152,7 +152,7 @@ and to which Netwrix Auditor has the access through a Credential-based access po
**NOTE:** Netwrix recommends using different credentials for different monitoring plans and data
sources.
-
+
The second option is Resource-based. To use this option, you need to provide the Activity and
Resource names, assigned to Netwrix Auditor in the corresponding Resource-based policy. Make sure
diff --git a/docs/auditor/10.8/admin/monitoringplans/msteams.md b/docs/auditor/10.8/admin/monitoringplans/msteams.md
index eaf0c47f3c..9b5c5ca775 100644
--- a/docs/auditor/10.8/admin/monitoringplans/msteams.md
+++ b/docs/auditor/10.8/admin/monitoringplans/msteams.md
@@ -50,7 +50,7 @@ Follow the steps to configure Office 365 tenant as a monitored item.
[Using Modern Authentication with Microsoft Entra ID](/docs/auditor/10.8/configuration/microsoft365/microsoftentraid/permissions/modernauth/modernauth.md)
topic for additional information.
-
+
If you are using a government tenant, please click the **Tenant Environment** tab and select the
desired tenant environment.
@@ -82,7 +82,7 @@ desired tenant environment.
**Step 3 –** Click the **Add** button.
-
+
You can use a single account to collect audit data for different Office 365 services (Microsoft
Entra ID, Exchange Online, SharePoint Online); however, Netwrix recommends that you specify
diff --git a/docs/auditor/10.8/admin/monitoringplans/oracle/overview.md b/docs/auditor/10.8/admin/monitoringplans/oracle/overview.md
index cba45fd7c5..6ceed98418 100644
--- a/docs/auditor/10.8/admin/monitoringplans/oracle/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/oracle/overview.md
@@ -51,7 +51,7 @@ Complete the following fields:
On a high level, data collection process for Oracle databases works as follows:
-
+
1. Oracle administrator prepares a dedicated service account with sufficient permissions to collect
data from Oracle Database. See the
diff --git a/docs/auditor/10.8/admin/monitoringplans/sharepointonline/overview.md b/docs/auditor/10.8/admin/monitoringplans/sharepointonline/overview.md
index 28ed703bf2..a426243792 100644
--- a/docs/auditor/10.8/admin/monitoringplans/sharepointonline/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/sharepointonline/overview.md
@@ -50,7 +50,7 @@ Follow the steps to configure Office 365 tenant as a monitored item.
[Using Modern Authentication with Microsoft Entra ID](/docs/auditor/10.8/configuration/microsoft365/microsoftentraid/permissions/modernauth/modernauth.md)
topic for additional information.
-
+
If you are using a government tenant, please click the **Tenant Environment** tab and select the
desired tenant environment.
@@ -82,7 +82,7 @@ desired tenant environment.
**Step 3 –** Click the **Add** button.
-
+
You can use a single account to collect audit data for different Office 365 services (Microsoft
Entra ID, Exchange Online, SharePoint Online); however, Netwrix recommends that you specify
diff --git a/docs/auditor/10.8/admin/monitoringplans/sqlserver/overview.md b/docs/auditor/10.8/admin/monitoringplans/sqlserver/overview.md
index d870d0dfe4..524b82aaad 100644
--- a/docs/auditor/10.8/admin/monitoringplans/sqlserver/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/sqlserver/overview.md
@@ -47,7 +47,7 @@ On the **General** tab, you can configure the following settings for SQL Server
On the **Users** tab, you can configure the following settings for SQL Server data source:
-
+
| Options | Description |
| ------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -69,18 +69,18 @@ is the 'Do not use triggers' mode.
| Do not use triggers | Default mode for a new installation of Netwrix Auditor. Data will be collected using the SQL Server traces. This mode allows you to get a sufficient level of detail in the reports and search results without producing additional load on your SQL Server instance. Thus, it is recommended for highly-transactional servers. When using this mode, consider that the "_What_" field of the Activity Record with "_Object type_" = "_Data_" may show incorrect data. The issues occur because the product applies data categories to an entire SQL Server table and not to rows. |
| Use triggers for detailed monitoring | However, if you require a very detailed reporting on the data changes, you can select this mode. It will be also selected by default if you are upgrading your Netwrix Auditor deployment. Data will be collected using a set of triggers. For more information on this technology, see [https://kb.netwrix.com/728](https://kb.netwrix.com/728) . It is recommended to use this setting carefully, as collecting large amount of details from a highly-transactional server may affect its performance. Using this mode may lead to issues when altering databases on the monitored SQL Server instances. The issues occur only if the SQL Server service account does not have _Read_ permissions in the Active Directory domain (e.g., a local user account). When using this mode, consider that the "_What_" field of the Activity Record with "_Object type_" = "_Data_" may show incorrect data. The issues occur because the product applies data categories to an entire SQL Server table and not to rows. Switching from the configured triggerless mode may lead to a data loss. The workaround is to force data collection right after enabling the triggers. |
| Changes (per transaction) to collect and report: | Specify how many changes per a database transaction you want to be collected. For example, you can limit this number to 10 changes per transaction, or collect all changes. It is recommended to adjust this setting carefully, as collecting large number of changes from a highly-transactional server may affect its performance. |
-| Monitoring rules | To specify what data changes must be monitored, create at least one **inclusion rule**. Exclusion rules are optional. Click **Add Rule** and configure the following:  - Type — Select rule type: include or exclude. - Server — Specify a name of the monitored SQL Server instance where the required database resides. Use the _server_name\instance_name_ format, for example, _SQLsrv11\SQLExpress2016_. **NOTE:** If you are going to configure monitoring rules for SQL Server Availability Groups, provide the name of your Availability Group item in this field. - Database — Specify the database whose data changes you want to monitor. - Table — Specify database table to monitor. - Column—Specify table column name. The following column types are currently not supported: `text, ntext, image, binary, varbinary, timestamp, sql_variant`. These filters will be applied using AND logic. Wildcard (\*) is supported and can be used to replace any number of characters. |
+| Monitoring rules | To specify what data changes must be monitored, create at least one **inclusion rule**. Exclusion rules are optional. Click **Add Rule** and configure the following:  - Type — Select rule type: include or exclude. - Server — Specify a name of the monitored SQL Server instance where the required database resides. Use the _server_name\instance_name_ format, for example, _SQLsrv11\SQLExpress2016_. **NOTE:** If you are going to configure monitoring rules for SQL Server Availability Groups, provide the name of your Availability Group item in this field. - Database — Specify the database whose data changes you want to monitor. - Table — Specify database table to monitor. - Column—Specify table column name. The following column types are currently not supported: `text, ntext, image, binary, varbinary, timestamp, sql_variant`. These filters will be applied using AND logic. Wildcard (\*) is supported and can be used to replace any number of characters. |
## Audit SELECT
Use the settings in this section to configure how the successful SELECT statements should be
audited.
-
+
| Option | Description |
| ---------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| --- | --- |
| --- | --- |
| Audit successful SELECT statements | Enable monitoring of successful SELECT statements for the database tables. Successful SELECT statement execution will be reported as Read operation on the database table. Auditing SELECT statements will increase the amount of data collected from the SQL Server instance and stored to long-term archive and audit database. Plan for your resources accordingly. |
-| Monitoring rules | To specify what data changes will be monitored, you must create at least one **inclusion rule**. Exclusion rules are optional. Click **Add Inclusion** and specify the following:  - Server — specify target SQL Server instance in the server\instance format. **NOTE:** If you are going to configure monitoring rules for SQL Server Availability Groups, provide the name of your Availability Group item in this field. - Database — specify target database - Schema — specify database schema - Table — specify database table you will monitor Wildcard (\*) is supported and can be used to replace any number of characters. Filters will be applied using AND logic, that is, only SELECT statements matching all specified criteria will be monitored. So, in the example above, the program will track and report only the successful SELECT statements executed against the _Applicants_ table of the _HR2019_ database with _Custom_ schema, hosted on the _SQLsrv02\TestInstance_. When finished, click **Add**. If needed, configure the exclusion rules in a similar way. |
+| Monitoring rules | To specify what data changes will be monitored, you must create at least one **inclusion rule**. Exclusion rules are optional. Click **Add Inclusion** and specify the following:  - Server — specify target SQL Server instance in the server\instance format. **NOTE:** If you are going to configure monitoring rules for SQL Server Availability Groups, provide the name of your Availability Group item in this field. - Database — specify target database - Schema — specify database schema - Table — specify database table you will monitor Wildcard (\*) is supported and can be used to replace any number of characters. Filters will be applied using AND logic, that is, only SELECT statements matching all specified criteria will be monitored. So, in the example above, the program will track and report only the successful SELECT statements executed against the _Applicants_ table of the _HR2019_ database with _Custom_ schema, hosted on the _SQLsrv02\TestInstance_. When finished, click **Add**. If needed, configure the exclusion rules in a similar way. |
diff --git a/docs/auditor/10.8/admin/monitoringplans/vmware/overview.md b/docs/auditor/10.8/admin/monitoringplans/vmware/overview.md
index 940a2747ef..c0822036b6 100644
--- a/docs/auditor/10.8/admin/monitoringplans/vmware/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/vmware/overview.md
@@ -38,7 +38,7 @@ information.
On a high level, data collection process for VMware servers works as follows:
-
+
VMware administrator prepares a dedicated service account with sufficient permissions to collect
data from VMware servers. This account must have at least **Read Only role** on those servers. For
diff --git a/docs/auditor/10.8/admin/monitoringplans/windows/overview.md b/docs/auditor/10.8/admin/monitoringplans/windows/overview.md
index ce72858b6d..4fc9eed7fe 100644
--- a/docs/auditor/10.8/admin/monitoringplans/windows/overview.md
+++ b/docs/auditor/10.8/admin/monitoringplans/windows/overview.md
@@ -93,7 +93,7 @@ Follow the steps to use Netwrix Privilege Secure as an account for data collect
**Step 2 –** In the item configuration menu, select Netwrix Privilege Secure as an option for data
collection.
-
+
**Step 3 –** Select the type of the Access Policy you want to use in Netwrix Privilege Secure.
Credential-based is the default option. Refer to the
@@ -106,7 +106,7 @@ and to which Netwrix Auditor has the access through a Credential-based access po
**NOTE:** Netwrix recommends using different credentials for different monitoring plans and data
sources.
-
+
The second option is Resource-based. To use this option, you need to provide the Activity and
Resource names, assigned to Netwrix Auditor in the corresponding Resource-based policy. Make sure
diff --git a/docs/auditor/10.8/admin/navigation/customizeexamples.md b/docs/auditor/10.8/admin/navigation/customizeexamples.md
index 9f300fab46..0d8da3b1d7 100644
--- a/docs/auditor/10.8/admin/navigation/customizeexamples.md
+++ b/docs/auditor/10.8/admin/navigation/customizeexamples.md
@@ -17,14 +17,14 @@ Follow the steps to view a report and add it to the list of Favorites.
**Step 2 –** Open a report you are interested in; for example, Account Permissions in Active
Directory:
-
+
**Step 3 –** Click the report menu (three dots) to the right and select Add to favorites.
(Alternatively, click the star icon in the upper right corner of the report description.)
The report is added to the Favorite reports section on the home page and you can run it instantly.
-
+
## Run Search and Create Alert
@@ -66,7 +66,7 @@ such as "_User Accounts with administrative permissions_". See the
3. Search the group of risks you want to pin to the home page (in this case, the "_Permissions_"
risks group):
- 
+ 
**Step 4 –** Click Add.
diff --git a/docs/auditor/10.8/admin/navigation/customizefavorite.md b/docs/auditor/10.8/admin/navigation/customizefavorite.md
index 02115c5035..a2f5fa74c3 100644
--- a/docs/auditor/10.8/admin/navigation/customizefavorite.md
+++ b/docs/auditor/10.8/admin/navigation/customizefavorite.md
@@ -12,7 +12,7 @@ update the full list, click View all.
The Home > Reports page opens. This page includes several folders: Favorites, Predefined, Compliance
and Custom. Favorite reports are located in the Favorites folder.
-
+
Follow the steps to add or remove a Favorite report
@@ -23,7 +23,7 @@ Follow the steps to add or remove a Favorite report
**Step 3 –** To change whether the report is a favorite, click the star icon in the upper right-hand
corner of the report description.
-
+
Report Summary with Star icon unchecked
@@ -33,7 +33,7 @@ The options on the Reports page for Favorite reports are show below:
| | |
| -------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-|  |  |
+|  |  |
| _Favorites Sub-Folder Options_ | _Favorites > [Report] Options_ |
| Option Name | Description |
| --- | --- |
diff --git a/docs/auditor/10.8/admin/navigation/customizehome.md b/docs/auditor/10.8/admin/navigation/customizehome.md
index b2a3c2f8e5..3c5d25407b 100644
--- a/docs/auditor/10.8/admin/navigation/customizehome.md
+++ b/docs/auditor/10.8/admin/navigation/customizehome.md
@@ -39,7 +39,7 @@ Follow the steps to remove a tile from the Home Screen.
**Step 3 –** Click **close (x)**:
-
+
**Step 4 –** Click Apply.
diff --git a/docs/auditor/10.8/admin/navigation/overview.md b/docs/auditor/10.8/admin/navigation/overview.md
index c2e1cf405f..2b43ac15b6 100644
--- a/docs/auditor/10.8/admin/navigation/overview.md
+++ b/docs/auditor/10.8/admin/navigation/overview.md
@@ -25,7 +25,7 @@ information. The following tiles are displayed on the initially configured Home
The Welcome to Netwrix Auditor Tile tile provides a checklist you can use to get started collecting
and viewing data about your IT ecosystem.
-
+
- The "Create a monitoring plan" link prompts you to create a monitoring plan for at least one data
source (such as Active Directory, Exchange Online or network devices). For detailed instructions
@@ -49,7 +49,7 @@ the bottom. The checklist will be replaced by statistics across your audited sys
This section contains four tiles for getting security intelligence about your IT infrastructure:
-
+
| Tile | Description |
| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -90,10 +90,10 @@ than can fit in the tile, simply click **View all** to see the complete list. Se
| | |
| -------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-|  | Opens the Alerts Overview dashboard, which lists the latest alerts triggered in your IT infrastructure, enriched with actionable charts and timelines. See the [Alerts Overview Dashboard](/docs/auditor/10.8/admin/alertsettings/dashboard.md) topic for additional information. |
-|  | This tile shows the current number of users, groups, and files and folders in your IT infrastructure in one place. Clicking the link opens the corresponding report: - Users — User Accounts state-in-time report for Active Directory - Groups — Groups state-in-time report for Active Directory - Files and Folders — Folder Tree View state-in-time report for File Servers Click Recalculate to update values. |
-|  | Clicking the tile opens the Monitoring Overview dashboard, which shows the current status of each of your monitoring plans. See the [Monitoring Overview](/docs/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview.md) topic for additional information. |
-|  | Clicking the tile opens the Activity Record Statistics dashboard which shows the number of activity records that were collected from your data sources during the last 7 days. See the [Activity Records Statistics](/docs/auditor/10.8/admin/healthstatus/dashboard/activityrecordstatistics.md) topic for additional information. |
-|  | Opens the listed Auditor report. See the [Custom Search-Based Reports](/docs/auditor/10.8/admin/reports/custom.md) topic for additional information. |
+|  | Opens the Alerts Overview dashboard, which lists the latest alerts triggered in your IT infrastructure, enriched with actionable charts and timelines. See the [Alerts Overview Dashboard](/docs/auditor/10.8/admin/alertsettings/dashboard.md) topic for additional information. |
+|  | This tile shows the current number of users, groups, and files and folders in your IT infrastructure in one place. Clicking the link opens the corresponding report: - Users — User Accounts state-in-time report for Active Directory - Groups — Groups state-in-time report for Active Directory - Files and Folders — Folder Tree View state-in-time report for File Servers Click Recalculate to update values. |
+|  | Clicking the tile opens the Monitoring Overview dashboard, which shows the current status of each of your monitoring plans. See the [Monitoring Overview](/docs/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview.md) topic for additional information. |
+|  | Clicking the tile opens the Activity Record Statistics dashboard which shows the number of activity records that were collected from your data sources during the last 7 days. See the [Activity Records Statistics](/docs/auditor/10.8/admin/healthstatus/dashboard/activityrecordstatistics.md) topic for additional information. |
+|  | Opens the listed Auditor report. See the [Custom Search-Based Reports](/docs/auditor/10.8/admin/reports/custom.md) topic for additional information. |
|  | Opens the listed Auditor report. See the [Predefined Reports](/docs/auditor/10.8/admin/reports/types/overview.md) topic for additional information. |
-|  | Opens the list of the configuration recommendations provided by Netwrix industry experts to take advantage of the Auditor functionality. See the [Recommendations](/docs/auditor/10.8/admin/navigation/recommendations.md) topic for additional information. |
+|  | Opens the list of the configuration recommendations provided by Netwrix industry experts to take advantage of the Auditor functionality. See the [Recommendations](/docs/auditor/10.8/admin/navigation/recommendations.md) topic for additional information. |
diff --git a/docs/auditor/10.8/admin/navigation/recommendations.md b/docs/auditor/10.8/admin/navigation/recommendations.md
index f03ccba1b7..5f4cff1b9e 100644
--- a/docs/auditor/10.8/admin/navigation/recommendations.md
+++ b/docs/auditor/10.8/admin/navigation/recommendations.md
@@ -12,7 +12,7 @@ Netwrix Service Accounts, you can start collecting data and review it with Netwr
recommendations are based on your current product configuration and help you to experience the
Auditor capabilities in earnest.
-
+
Follow the steps to review the recommendations provided by Netwrix industry experts.
@@ -105,7 +105,7 @@ Follow the steps to manage recommendations:
**Step 2 –** Click **Settings** at the bottom.
-
+
**Step 3 –** In the Manage recommendations dialog, do the following:
diff --git a/docs/auditor/10.8/admin/reports/custom.md b/docs/auditor/10.8/admin/reports/custom.md
index e5fe981485..f3ef93c961 100644
--- a/docs/auditor/10.8/admin/reports/custom.md
+++ b/docs/auditor/10.8/admin/reports/custom.md
@@ -20,7 +20,7 @@ move it to the new folder.
The example custom report results apply to AD or Group Policy modifications by administrator.
-
+
Review the following for additional information:
diff --git a/docs/auditor/10.8/admin/reports/overview.md b/docs/auditor/10.8/admin/reports/overview.md
index 1a6feaa8d6..5fd359d40b 100644
--- a/docs/auditor/10.8/admin/reports/overview.md
+++ b/docs/auditor/10.8/admin/reports/overview.md
@@ -17,7 +17,7 @@ access to data—only within a delegated scope. See the
[Role-Based Access and Delegation](/docs/auditor/10.8/admin/monitoringplans/delegation.md) topic for additional
informatuion.
-
+
Review general report types available in Netwrix Auditor to meet your specific business needs:
diff --git a/docs/auditor/10.8/admin/reports/reviewstatus.md b/docs/auditor/10.8/admin/reports/reviewstatus.md
index 5afbf5a59e..fc5b0879d7 100644
--- a/docs/auditor/10.8/admin/reports/reviewstatus.md
+++ b/docs/auditor/10.8/admin/reports/reviewstatus.md
@@ -18,7 +18,7 @@ issues through the following automated course of action:
1. The reported changes to the monitored environment are assigned the New status by default.
2. If a change seems unauthorized, or requires further analysis, you can click the Click to update
status link next to the change detailed data:
- 3.
+ 3.
In the **Review status** dialog for selected change, set its status to In Review and provide a
reason.
3. Once the change has been approved of, or rolled back, you can set its status to Resolved.
diff --git a/docs/auditor/10.8/admin/reports/types/activity.md b/docs/auditor/10.8/admin/reports/types/activity.md
index 4f650a9bd6..7c9954f4ac 100644
--- a/docs/auditor/10.8/admin/reports/types/activity.md
+++ b/docs/auditor/10.8/admin/reports/types/activity.md
@@ -34,7 +34,7 @@ search field to look for the keywords you need:
In the report filters, select a monitoring plan you want to generate a report for. To review data
sources and items included in each plan, navigate to the Monitoring Plans section.
-
+
Each report has a set of filters which help organize audit data in the most convenient way. See the
[View Reports](/docs/auditor/10.8/admin/reports/view.md) topic for additional information. You can also create a subscription to
diff --git a/docs/auditor/10.8/admin/reports/types/enterprise.md b/docs/auditor/10.8/admin/reports/types/enterprise.md
index f38700aedd..c8419a52de 100644
--- a/docs/auditor/10.8/admin/reports/types/enterprise.md
+++ b/docs/auditor/10.8/admin/reports/types/enterprise.md
@@ -55,7 +55,7 @@ Follow the steps to review a diagram:
The example below applies to Enterprise.
-
+
Each report has a set of filters which help organize audit data in the most convenient way. See the
[View Reports](/docs/auditor/10.8/admin/reports/view.md) topic for additional information. You can also create a subscription to
diff --git a/docs/auditor/10.8/admin/reports/types/stateintime/overview.md b/docs/auditor/10.8/admin/reports/types/stateintime/overview.md
index 2b907ec6a4..c1e6820098 100644
--- a/docs/auditor/10.8/admin/reports/types/stateintime/overview.md
+++ b/docs/auditor/10.8/admin/reports/types/stateintime/overview.md
@@ -38,7 +38,7 @@ Directory\_\_**>_**\_Active Directory\_\_**>\_**\_State-in-Time**.
In the report filters, select a monitoring plan you want to generate a report for. To review data
sources and items included in each plan, navigate to the Monitoring Plans section.
-
+
Each report has a set of filters which help organize audit data in the most convenient way. See the
[View Reports](/docs/auditor/10.8/admin/reports/view.md) topic for additional information. You can also create a subscription
@@ -67,7 +67,7 @@ threat or at least merits your special attention. With baselines specified right
you can easily identify servers that are different from your corporate policies or best practices.
Risks are marked with red color and are easy to spot in the report.
-
+
You can specify baseline values specific to your organization in one of the following ways:
diff --git a/docs/auditor/10.8/admin/reports/types/stateintime/sqlroles.md b/docs/auditor/10.8/admin/reports/types/stateintime/sqlroles.md
index 364add4faa..23c4e66a31 100644
--- a/docs/auditor/10.8/admin/reports/types/stateintime/sqlroles.md
+++ b/docs/auditor/10.8/admin/reports/types/stateintime/sqlroles.md
@@ -11,7 +11,7 @@ To instruct Netwrix Auditor to collect data needed for this report, make sure th
for state-in-time reports** option is selected in the monitoring plan properties. See Settings for
Data Collection in the monitoring plan documentation.
-
+
## Reported data
diff --git a/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlaccountpermissions.md b/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlaccountpermissions.md
index 7a8e005fba..7b18589e91 100644
--- a/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlaccountpermissions.md
+++ b/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlaccountpermissions.md
@@ -10,7 +10,7 @@ Details the effective permissions that the specified account has on the SQL Serv
selected type. Use this report to review the permissions granted to users through your SQL Server
objects.
-
+
## Reported data
diff --git a/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqldatabases.md b/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqldatabases.md
index 171c57873e..8e436b589e 100644
--- a/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqldatabases.md
+++ b/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqldatabases.md
@@ -9,7 +9,7 @@ sidebar_position: 30
This report lists the properties of databases and database snapshots hosted on the selected SQL
Server instance. Use this report for your SQL Server database inventory.
-
+
## Reported data
diff --git a/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlmeansgranted.md b/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlmeansgranted.md
index 077035d4b6..ac3e285e90 100644
--- a/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlmeansgranted.md
+++ b/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlmeansgranted.md
@@ -16,7 +16,7 @@ Supported object types and attributes are listed in the
To instruct Netwrix Auditor to collect data needed for this report, make sure that **Collect data
for state-in-time reports** option is selected in the monitoring plan properties.
-
+
## Reported data
@@ -99,4 +99,4 @@ _Corp_ organization discovered that the accounts with Contractor job title has a
**SQL Server Means Granted** report for that account by clicking the link in the **Means granted**
field for that account.
-
+
diff --git a/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlobjectpermissions.md b/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlobjectpermissions.md
index b6fc66bc92..3954356ee5 100644
--- a/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlobjectpermissions.md
+++ b/docs/auditor/10.8/admin/reports/types/stateintime/sqlserveroverview/sqlobjectpermissions.md
@@ -12,7 +12,7 @@ object. Use this report to review who has access to your SQL Server objects.
Supported object types and attributes are listed in the
[SQL Server](/docs/auditor/10.8/configuration/sqlserver/overview.md) section.
-
+
## Reported data
diff --git a/docs/auditor/10.8/admin/reports/types/userbehavior.md b/docs/auditor/10.8/admin/reports/types/userbehavior.md
index e2dce802ca..6715eaf6a9 100644
--- a/docs/auditor/10.8/admin/reports/types/userbehavior.md
+++ b/docs/auditor/10.8/admin/reports/types/userbehavior.md
@@ -20,7 +20,7 @@ identify vulnerabilities and easily answer questions such as:
Analytics reports can be found in the User Behavior and Blind Spot Analysis folder under the
Predefined node.
-
+
If you are sure that some audit data is missing (e.g., you do not see information on your file
servers in reports and search results), verify that the Audit Database settings are configured and
@@ -30,7 +30,7 @@ By default, Auditor allows generating reports and running interactive searches o
the last 180 days. If you want to investigate incidents that occurred more than 180 days ago, ask
your Auditor Global administrator to import that data from the Long-Term Archive.
-
+
Each report has a set of filters which help organize audit data in the most convenient way. See the
[View Reports](/docs/auditor/10.8/admin/reports/view.md) topic for additional information. You can also create a subscription to
diff --git a/docs/auditor/10.8/admin/reports/video.md b/docs/auditor/10.8/admin/reports/video.md
index a5d8ff27a5..ac7459f416 100644
--- a/docs/auditor/10.8/admin/reports/video.md
+++ b/docs/auditor/10.8/admin/reports/video.md
@@ -15,7 +15,7 @@ To view reports with video, navigate to Reports → User Activity.
In the report filters, select a monitoring plan you want to generate a report for. To review data
sources and items included in each plan, navigate to the Monitoring Plans section.
-
+
Each report has a set of filters which help organize audit data in the most convenient way. See the
[View Reports](/docs/auditor/10.8/admin/reports/view.md) topic for additional information. You can also create a subscription to any
diff --git a/docs/auditor/10.8/admin/reports/view.md b/docs/auditor/10.8/admin/reports/view.md
index f16dd3615e..b5593ca4dc 100644
--- a/docs/auditor/10.8/admin/reports/view.md
+++ b/docs/auditor/10.8/admin/reports/view.md
@@ -26,12 +26,12 @@ access them instantly. See the [Navigation](/docs/auditor/10.8/admin/navigation/
[Customize Home Screen](/docs/auditor/10.8/admin/navigation/customizehome.md) topics for additional information.
1. In Netwrix Auditor Home screen, click
- on
+ on
the left, and in the tree on the left select the report you need.
To speed up the process, you can use the **Search** field, entering the keyword to search by.
-
+
2. Click View button in the right pane.
@@ -77,9 +77,9 @@ of the report. The filters may vary slightly depending on the audited system and
The report without filtering:
-
+
The report below displays changes for all audited systems made by the CORP\Administrator user on the
ROOTDC2 domain controller for a month sorted by the action type.
-
+
diff --git a/docs/auditor/10.8/admin/riskassessment/dashboard.md b/docs/auditor/10.8/admin/riskassessment/dashboard.md
index a6709a18fa..cca0148269 100644
--- a/docs/auditor/10.8/admin/riskassessment/dashboard.md
+++ b/docs/auditor/10.8/admin/riskassessment/dashboard.md
@@ -27,7 +27,7 @@ displayed with the color indicators in accordance with the level:
- Medium — yellow
- Low — green
-
+
After reviewing general risks assessment results in each category, you can drill-down to details
covered in the underlying report. To do so, double-click the selected metric or use the View Report
@@ -47,7 +47,7 @@ right click Modify thresholds.
**Step 3 –** Click OK to save the settings and close the dialog.
-
+
Also, for several metrics the Customize risk indicators command is available.
diff --git a/docs/auditor/10.8/admin/riskassessment/overview.md b/docs/auditor/10.8/admin/riskassessment/overview.md
index 298d8f3c8d..43260e1d28 100644
--- a/docs/auditor/10.8/admin/riskassessment/overview.md
+++ b/docs/auditor/10.8/admin/riskassessment/overview.md
@@ -81,15 +81,15 @@ To verify the necessary settings of the existing plan
3. Go to the Audit Database section and make sure that Disable security intelligence ... checkbox is
cleared. This will instruct Netwrix Auditor to store data to both Long-Term Archive and audit
database:
- 
+ 
4. Save the settings and return to the window with the monitoring plan details. Make sure you have
at least one monitored item in the plan. If necessary, add an item.
5. Select the data source you need (for example, Active Directory) and click Edit data source from
the Data source section on the right.
- 
+ 
6. Make sure that:
1. Monitor this data source and collect activity data is switched ON.
2. Collect data for state-in-time reports is switched ON.
7. Save the settings and close the dialog.
-
+
diff --git a/docs/auditor/10.8/admin/search/filteradvanced.md b/docs/auditor/10.8/admin/search/filteradvanced.md
index af035afe07..0f8066743e 100644
--- a/docs/auditor/10.8/admin/search/filteradvanced.md
+++ b/docs/auditor/10.8/admin/search/filteradvanced.md
@@ -51,7 +51,7 @@ When you apply filters at search, you can specify operators that should be used
data you want to retrieve and compare with the certain filter value. A condition can be, for
example, Contains, Starts with, and so on.
-
+
The following operators can be used to specify search conditions:
@@ -71,9 +71,9 @@ When you add a new search filter, the Contains operator is used by default.
To modify conditions for the selected filters, make sure you have switched to the Advanced search
mode.
-
+
The image below represents the same search filters as they are shown in the Search field in the
Simple mode.
-
+
diff --git a/docs/auditor/10.8/admin/search/filtersimple.md b/docs/auditor/10.8/admin/search/filtersimple.md
index 507279a038..bd2c8e39bb 100644
--- a/docs/auditor/10.8/admin/search/filtersimple.md
+++ b/docs/auditor/10.8/admin/search/filtersimple.md
@@ -31,7 +31,7 @@ Follow the steps to add a filter to your search.
**Step 1 –** Click a filter type icon. Enter a value you want to search for.
-
+
Alternatively, you can type a value directly into the Search field.
@@ -40,7 +40,7 @@ Alternatively, you can type a value directly into the Search field.
To search across all columns in the results view (everywhere—Who, What, Where, Action, etc.),
leave it as is.
-
+
**Step 2 –** Click Search to apply your filters. By default, all entries that contain the filter
value are shown.
@@ -49,7 +49,7 @@ value are shown.
| To... | Do... |
| ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| Modify filter | Double-click the filter and type a new value.  If you need to modify the When filter, delete it and add a new value, or navigate to the Advanced mode (Simple mode does not support its modification). |
+| Modify filter | Double-click the filter and type a new value.  If you need to modify the When filter, delete it and add a new value, or navigate to the Advanced mode (Simple mode does not support its modification). |
| Remove filter | Click the **Close** icon next to it. |
## Exporting and Importing Filters
diff --git a/docs/auditor/10.8/admin/search/overview.md b/docs/auditor/10.8/admin/search/overview.md
index 9e2d5b56dd..083d6b4090 100644
--- a/docs/auditor/10.8/admin/search/overview.md
+++ b/docs/auditor/10.8/admin/search/overview.md
@@ -49,7 +49,7 @@ Archive. See [Investigations](/docs/auditor/10.8/admin/settings/investigations.m
## Browsing Your Audit Data
On the main Netwrix Auditor page, click
-
+
on the left.
You can add any elements (a dashboard, report, alert, risk, etc.) to the Auditor Home screen to
@@ -76,7 +76,7 @@ the data you need.
filter fields and conditions). See [Use Filters in Advanced Mode](/docs/auditor/10.8/admin/search/filteradvanced.md) for
details.
- 
+ 
- By default, search results are open in the same window, so the subsequent search results will
overwrite the previous search results. To view them in different windows, click Open in new
@@ -87,7 +87,7 @@ Use search results for your own needs: save, share, create search-based alerts,
periodic delivery of search query results, etc. See Make Search Results Actionnable for more
information.
-
+
You can also use the **Search** window to examine details for the selected activity record, or watch
a video recording (for User Ativity data).
diff --git a/docs/auditor/10.8/admin/settings/auditdatabase.md b/docs/auditor/10.8/admin/settings/auditdatabase.md
index ba6d0fa280..002ad331d1 100644
--- a/docs/auditor/10.8/admin/settings/auditdatabase.md
+++ b/docs/auditor/10.8/admin/settings/auditdatabase.md
@@ -32,7 +32,7 @@ Follow the steps to review and update global Audit Database settings:
**Step 2 –** Click **Modify** to edit the settings.
-
+
**Step 3 –** Specify the following database storage settings:
diff --git a/docs/auditor/10.8/admin/settings/custombrand.md b/docs/auditor/10.8/admin/settings/custombrand.md
index 104b8d6554..946c4855ee 100644
--- a/docs/auditor/10.8/admin/settings/custombrand.md
+++ b/docs/auditor/10.8/admin/settings/custombrand.md
@@ -70,7 +70,7 @@ To restore original look and feel, run the script and replace"_True_" with "_Fal
By default, Netwrix Auditor reports look as follows:
-
+
Report branding is customized on Netwrix Auditor Server side that means that all clients connected
to this server will have the same look and feel for reports.
@@ -103,7 +103,7 @@ db_owner role on the Netwrix_CommonDB database.
After running the script, start the Netwrix Auditor client and generate a report. The branding will
be updated.
-
+
Follow the steps to restore original look.
diff --git a/docs/auditor/10.8/admin/settings/longtermarchive.md b/docs/auditor/10.8/admin/settings/longtermarchive.md
index 5eaa527227..cc7fc55fc4 100644
--- a/docs/auditor/10.8/admin/settings/longtermarchive.md
+++ b/docs/auditor/10.8/admin/settings/longtermarchive.md
@@ -10,7 +10,7 @@ The Long-Term Archive is configured by default, irrespective of your subscriptio
you specified when configuring a monitoring plan. To review and update your Long-Term Archive
settings, navigate to **Settings** > **Long-Term Archive** and click Modify.
-
+
Review the following for additional information:
@@ -23,7 +23,7 @@ Review the following for additional information:
Setting Recording Settings
-
+
| | |
| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
diff --git a/docs/auditor/10.8/admin/settings/privilegesecure.md b/docs/auditor/10.8/admin/settings/privilegesecure.md
index 76b163b883..2009b80f26 100644
--- a/docs/auditor/10.8/admin/settings/privilegesecure.md
+++ b/docs/auditor/10.8/admin/settings/privilegesecure.md
@@ -72,7 +72,7 @@ options are available:
- New/Generate certificate – Create a new certificate.
- Select an existing certificate – Select an available certificate from the drop-down list.
-
+
**Step 6 –** Click **Next**.
@@ -108,11 +108,11 @@ documentation for additional instructions.
**Step 10 –** Provide the security key you got in Netwrix Privilege Secure.
-
+
**Step 11 –** Click **Next**.
-
+
**Step 12 –** After the validation, click **Finish**.
diff --git a/docs/auditor/10.8/admin/subscriptions/manage.md b/docs/auditor/10.8/admin/subscriptions/manage.md
index b7e25f30d4..fd81efb743 100644
--- a/docs/auditor/10.8/admin/subscriptions/manage.md
+++ b/docs/auditor/10.8/admin/subscriptions/manage.md
@@ -8,7 +8,7 @@ sidebar_position: 20
On the main Netwrix Auditor page, navigate to Subscriptions to review a list of your subscriptions.
-
+
The table below provides instructions on how to manage your subscriptions.
diff --git a/docs/auditor/10.8/api/overview.md b/docs/auditor/10.8/api/overview.md
index cd6bc0dd9a..ed6aab34fe 100644
--- a/docs/auditor/10.8/api/overview.md
+++ b/docs/auditor/10.8/api/overview.md
@@ -22,7 +22,7 @@ Integration API provides the following capabilities:
- Data out: Further automate your business processes, IT security and operations workflows by
enriching third-party solutions with actionable audit data.
-
+
Netwrix Auditor Integration API operates with XML- and JSON-formatted Activity Records—minimal
chunks of audit data containing information on _who_ changed _what_, _when_ and _where_ this change
diff --git a/docs/auditor/10.8/api/prerequisites.md b/docs/auditor/10.8/api/prerequisites.md
index 4c4dc21b5b..295b0c572a 100644
--- a/docs/auditor/10.8/api/prerequisites.md
+++ b/docs/auditor/10.8/api/prerequisites.md
@@ -26,7 +26,7 @@ rule will be automatically created.
**Step 4 –** If you use a third-party firewall, you must create a rule for inbound connections
manually.
-
+
## Configure Audit Database Settings
diff --git a/docs/auditor/10.8/api/writeactivityrecords.md b/docs/auditor/10.8/api/writeactivityrecords.md
index 3454ae85ae..e7d5b93331 100644
--- a/docs/auditor/10.8/api/writeactivityrecords.md
+++ b/docs/auditor/10.8/api/writeactivityrecords.md
@@ -145,8 +145,8 @@ Date: Fri, 08 Apr 2017 13:56:22 GMT
**Step 4 –** Check that posted data is now available in the Audit Database. Run a search request to [/netwrix/api/v1/activity_records/search](/docs/auditor/10.8/api/searchactivityrecords.md) endpoint or use interactive search in the Netwrix Auditor client. For example:
-
+
**Step 5 –** For input Activity Records, the data source is set to Netwrix API.
-
+
diff --git a/docs/auditor/10.8/configuration/activedirectory/automatic.md b/docs/auditor/10.8/configuration/activedirectory/automatic.md
index c4b32b69f8..6cc89e3cd8 100644
--- a/docs/auditor/10.8/configuration/activedirectory/automatic.md
+++ b/docs/auditor/10.8/configuration/activedirectory/automatic.md
@@ -17,7 +17,7 @@ To adjust audit settings automatically, do any of the following:
[Create a New Monitoring Plan](/docs/auditor/10.8/admin/monitoringplans/create.md) topic for additional
information.
-
+
- For the existing monitoring plan, modify data collection settings for Active Directory data
source, selecting **Adjust audit settings automatically** option.
diff --git a/docs/auditor/10.8/configuration/activedirectoryfederatedservices/overview.md b/docs/auditor/10.8/configuration/activedirectoryfederatedservices/overview.md
index a26edd8aa5..f70e280668 100644
--- a/docs/auditor/10.8/configuration/activedirectoryfederatedservices/overview.md
+++ b/docs/auditor/10.8/configuration/activedirectoryfederatedservices/overview.md
@@ -78,12 +78,12 @@ need to configure audit settings manually, as described later in this section.
**Step 1 –** Select the AD FS data source in this monitoring plan (top row under the header), click
**Edit data source** to open its settings.
-
+
**Step 2 –** In the **Configure audit settings** section, select **Adjust audit settings
automatically** check box.
-
+
**Step 3 –** Save the settings.
diff --git a/docs/auditor/10.8/configuration/fileservers/nutanix/permissions.md b/docs/auditor/10.8/configuration/fileservers/nutanix/permissions.md
index c4565db052..5ff8d1e0fe 100644
--- a/docs/auditor/10.8/configuration/fileservers/nutanix/permissions.md
+++ b/docs/auditor/10.8/configuration/fileservers/nutanix/permissions.md
@@ -18,7 +18,7 @@ This is the account you will provide in the monitoring plan wizard at the
[Create a New Monitoring Plan](/docs/auditor/10.8/admin/monitoringplans/create.md) step; it can be modified in
the **General** tab of the monitored item settings.
-
+
This account must have a role with sufficient privileges on that server: **File Server Admin**
(recommended) or **Backup Admin** role.
@@ -30,7 +30,7 @@ You will also need an account that will be used to connect to Nutanix File Serve
This account should be provided in the **Nutanix File Server REST API** tab of the monitored item
(_Nutanix SMB shares_) settings.
-
+
This account must be assigned the **REST API access users** role for Nutanix File Server you want to
audit.
diff --git a/docs/auditor/10.8/configuration/grouppolicy/permissions.md b/docs/auditor/10.8/configuration/grouppolicy/permissions.md
index 93a8350665..6da2b37686 100644
--- a/docs/auditor/10.8/configuration/grouppolicy/permissions.md
+++ b/docs/auditor/10.8/configuration/grouppolicy/permissions.md
@@ -150,7 +150,7 @@ Follow the steps to use Netwrix Privilege Secure as an account for data collect
**Step 2 –** In the item configuration menu, select Netwrix Privilege Secure as an option for data
collection.
-
+
**Step 3 –** Select the type of the Access Policy you want to use in Netwrix Privilege Secure.
Credential-based is the default option. Refer to the
@@ -163,7 +163,7 @@ and to which Netwrix Auditor has the access through a Credential-based access po
**NOTE:** Netwrix recommends using different credentials for different monitoring plans and data
sources.
-
+
The second option is Resource-based. To use this option, you need to provide the Activity and
Resource names, assigned to Netwrix Auditor in the corresponding Resource-based policy. Make sure
diff --git a/docs/auditor/10.8/configuration/windowsserver/overview.md b/docs/auditor/10.8/configuration/windowsserver/overview.md
index 1e8b04795d..0cbe4582bf 100644
--- a/docs/auditor/10.8/configuration/windowsserver/overview.md
+++ b/docs/auditor/10.8/configuration/windowsserver/overview.md
@@ -332,7 +332,7 @@ For example:
must be put in front of (\*), (?), (,), and (\) if they are a part of an entry value.
- Lines that start with the # sign are treated as comments and are ignored.
-
+
**NOTE:** In some cases, **Who** will be the system and **When** will be collection time, because
there is no necessary event in the Security log with this path.
diff --git a/docs/auditor/10.8/requirements/gmsa.md b/docs/auditor/10.8/requirements/gmsa.md
index 8ce4b4300e..0fc317bed8 100644
--- a/docs/auditor/10.8/requirements/gmsa.md
+++ b/docs/auditor/10.8/requirements/gmsa.md
@@ -219,7 +219,7 @@ Follow the steps to set a custom account in the monitored item properties.
**Step 2 –** On the **General** tab, under **Specify account for collecting data**, select **gMSA**
option.
-
+
See the
[Add Items for Monitoring](/docs/auditor/10.8/admin/monitoringplans/datasources.md#add-items-for-monitoring) topic
diff --git a/docs/auditor/10.8/requirements/longtermarchive.md b/docs/auditor/10.8/requirements/longtermarchive.md
index 4b34f62877..92c0319a5c 100644
--- a/docs/auditor/10.8/requirements/longtermarchive.md
+++ b/docs/auditor/10.8/requirements/longtermarchive.md
@@ -29,7 +29,7 @@ viewing the Long-Term Archive widget of the Health Status dashboard, click Open
**Step 2 –** Click Modify.
-
+
**Step 3 –** Enter new path or browse for the required folder.
@@ -62,7 +62,7 @@ If the retention period is set to **0**, the following logic will be applied:
To examine the repository capacity and daily growth, use the Long-Term Archive Capacity of the
Health Status dashboard.
-
+
To estimate the amount of activity records collected and stored to the repository day by day, use
the [Activity Records Statistics](/docs/auditor/10.8/admin/healthstatus/dashboard/activityrecordstatistics.md)
diff --git a/docs/auditor/10.8/requirements/overview.md b/docs/auditor/10.8/requirements/overview.md
index d234380bda..e6faacb5a8 100644
--- a/docs/auditor/10.8/requirements/overview.md
+++ b/docs/auditor/10.8/requirements/overview.md
@@ -18,7 +18,7 @@ following topics for additional information:
Netwrix Auditor provides comprehensive auditing of applications, platforms and storage systems. The
product architecture and components interactions are shown in the figure below.
-
+
- Netwrix Auditor Server — the central component that handles the collection, transfer and
processing of audit data from the various data sources (audited systems). Data from the sources
diff --git a/docs/auditor/10.8/requirements/software.md b/docs/auditor/10.8/requirements/software.md
index c52684b8a9..fe2b76a57b 100644
--- a/docs/auditor/10.8/requirements/software.md
+++ b/docs/auditor/10.8/requirements/software.md
@@ -117,7 +117,7 @@ small infrastructures, producing only several thousands of activity records per
scenario, you only deploy Auditor Server and default client, selecting Full installation option
during the product setup.
-
+
If you plan to implement this scenario in bigger environments, consider hardware requirements listed
in the Auditor documentation.
diff --git a/docs/auditor/10.8/requirements/sqlserver.md b/docs/auditor/10.8/requirements/sqlserver.md
index 62c5b69e6f..93d17aaa8b 100644
--- a/docs/auditor/10.8/requirements/sqlserver.md
+++ b/docs/auditor/10.8/requirements/sqlserver.md
@@ -246,7 +246,7 @@ Follow the steps to change database retention after the product deployment.
**Step 1 –** In the Auditor main screen, select Settings > Audit Database.
-
+
**Step 2 –** In the dialog displayed, make sure the Clear stale data when a database retention
period is exceeded: is set to ON, then click Modify to specify the required retention period (in
diff --git a/docs/auditor/10.8/tools/auditconfigurationassistant.md b/docs/auditor/10.8/tools/auditconfigurationassistant.md
index 1a72f8331d..dfd46ee8a0 100644
--- a/docs/auditor/10.8/tools/auditconfigurationassistant.md
+++ b/docs/auditor/10.8/tools/auditconfigurationassistant.md
@@ -88,7 +88,7 @@ Follow the steps to start assessment.
**Step 1 –** Specify the monitoring scope —select what you plan to monitor with Netwrix Auditor. You
can select both **Active Directory** and **Logon Activity**, or any of them.
-
+
**Step 2 –** If you launched **Audit Configuration Assistant** from the **Start** menu (not from the
monitoring plan settings), enter the name of Active Directory domain you want to assess.
@@ -110,7 +110,7 @@ At this step, you will be presented the results of the environment readiness ass
- the list of current and required settings for each entity
- the list of issues (if any) that occurred during the assessment
-
+
Follow the steps to view results.
diff --git a/static/images/auditor/10.8/addon/connectwise/integrations_thumb_0_0.webp b/static/images/auditor/10.8/addon/connectwise/integrations_thumb_0_0.webp
index 8ed58ea413..b6ae5d271b 100644
Binary files a/static/images/auditor/10.8/addon/connectwise/integrations_thumb_0_0.webp and b/static/images/auditor/10.8/addon/connectwise/integrations_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/ad_alert.webp b/static/images/auditor/10.8/admin/alertsettings/ad_alert.webp
index 88308caa5f..fd3dc2d117 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/ad_alert.webp and b/static/images/auditor/10.8/admin/alertsettings/ad_alert.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/alerts_history_thumb_0_0.webp b/static/images/auditor/10.8/admin/alertsettings/alerts_history_thumb_0_0.webp
index 09c237a019..d25f578088 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/alerts_history_thumb_0_0.webp and b/static/images/auditor/10.8/admin/alertsettings/alerts_history_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/alerts_overview_thumb_0_0.webp b/static/images/auditor/10.8/admin/alertsettings/alerts_overview_thumb_0_0.webp
index 46192e75ce..9734060da2 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/alerts_overview_thumb_0_0.webp and b/static/images/auditor/10.8/admin/alertsettings/alerts_overview_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/command_thumb_0_0.webp b/static/images/auditor/10.8/admin/alertsettings/command_thumb_0_0.webp
index c1ff596682..344c8ad6f4 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/command_thumb_0_0.webp and b/static/images/auditor/10.8/admin/alertsettings/command_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/configuration_tile.webp b/static/images/auditor/10.8/admin/alertsettings/configuration_tile.webp
index 1362b94db9..ead6f3c060 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/configuration_tile.webp and b/static/images/auditor/10.8/admin/alertsettings/configuration_tile.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/emailhealthstatusevent.webp b/static/images/auditor/10.8/admin/alertsettings/emailhealthstatusevent.webp
index ef5a58709a..315500f870 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/emailhealthstatusevent.webp and b/static/images/auditor/10.8/admin/alertsettings/emailhealthstatusevent.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/managetags.webp b/static/images/auditor/10.8/admin/alertsettings/managetags.webp
index e591758c3a..cf63af4e8d 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/managetags.webp and b/static/images/auditor/10.8/admin/alertsettings/managetags.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/passwordreset_thumb_0_0.webp b/static/images/auditor/10.8/admin/alertsettings/passwordreset_thumb_0_0.webp
index ecf84124ed..2a04a09e71 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/passwordreset_thumb_0_0.webp and b/static/images/auditor/10.8/admin/alertsettings/passwordreset_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/powershell_thumb_0_0.webp b/static/images/auditor/10.8/admin/alertsettings/powershell_thumb_0_0.webp
index ecbb35edc2..1d63d94b57 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/powershell_thumb_0_0.webp and b/static/images/auditor/10.8/admin/alertsettings/powershell_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/alertsettings/preview_thumb_0_0.webp b/static/images/auditor/10.8/admin/alertsettings/preview_thumb_0_0.webp
index 40417355bf..d5670ed3a0 100644
Binary files a/static/images/auditor/10.8/admin/alertsettings/preview_thumb_0_0.webp and b/static/images/auditor/10.8/admin/alertsettings/preview_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/behavioranomalies/ba_tile.webp b/static/images/auditor/10.8/admin/behavioranomalies/ba_tile.webp
index 85eed9bb73..ef2564e237 100644
Binary files a/static/images/auditor/10.8/admin/behavioranomalies/ba_tile.webp and b/static/images/auditor/10.8/admin/behavioranomalies/ba_tile.webp differ
diff --git a/static/images/auditor/10.8/admin/behavioranomalies/changestatus_thumb_0_0.webp b/static/images/auditor/10.8/admin/behavioranomalies/changestatus_thumb_0_0.webp
index ca820e1a5a..c965341462 100644
Binary files a/static/images/auditor/10.8/admin/behavioranomalies/changestatus_thumb_0_0.webp and b/static/images/auditor/10.8/admin/behavioranomalies/changestatus_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/behavioranomalies/dashboard_thumb_0_0.webp b/static/images/auditor/10.8/admin/behavioranomalies/dashboard_thumb_0_0.webp
index 19dd55eda5..50ea989f05 100644
Binary files a/static/images/auditor/10.8/admin/behavioranomalies/dashboard_thumb_0_0.webp and b/static/images/auditor/10.8/admin/behavioranomalies/dashboard_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/behavioranomalies/userprofile_thumb_0_0.webp b/static/images/auditor/10.8/admin/behavioranomalies/userprofile_thumb_0_0.webp
index f1e77844c5..5d0f759369 100644
Binary files a/static/images/auditor/10.8/admin/behavioranomalies/userprofile_thumb_0_0.webp and b/static/images/auditor/10.8/admin/behavioranomalies/userprofile_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/compliance_mappings.webp b/static/images/auditor/10.8/admin/compliance_mappings.webp
index aa259b93d3..07e74f82d8 100644
Binary files a/static/images/auditor/10.8/admin/compliance_mappings.webp and b/static/images/auditor/10.8/admin/compliance_mappings.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/dashboard/activityrecordsdetails_thumb_0_0.webp b/static/images/auditor/10.8/admin/healthstatus/dashboard/activityrecordsdetails_thumb_0_0.webp
index f11aa936d6..068aa29fff 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/dashboard/activityrecordsdetails_thumb_0_0.webp and b/static/images/auditor/10.8/admin/healthstatus/dashboard/activityrecordsdetails_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/dashboard/dbstatistics_thumb_0_0.webp b/static/images/auditor/10.8/admin/healthstatus/dashboard/dbstatistics_thumb_0_0.webp
index bd4a862106..b87ae9403b 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/dashboard/dbstatistics_thumb_0_0.webp and b/static/images/auditor/10.8/admin/healthstatus/dashboard/dbstatistics_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/dashboard/dbstats_overview_thumb_0_0.webp b/static/images/auditor/10.8/admin/healthstatus/dashboard/dbstats_overview_thumb_0_0.webp
index ae577b5ce0..49916c287a 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/dashboard/dbstats_overview_thumb_0_0.webp and b/static/images/auditor/10.8/admin/healthstatus/dashboard/dbstats_overview_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/dashboard/healthlog.webp b/static/images/auditor/10.8/admin/healthstatus/dashboard/healthlog.webp
index 3bac3ff931..307a8edac6 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/dashboard/healthlog.webp and b/static/images/auditor/10.8/admin/healthstatus/dashboard/healthlog.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/dashboard/healthlogfilters_thumb_0_0.webp b/static/images/auditor/10.8/admin/healthstatus/dashboard/healthlogfilters_thumb_0_0.webp
index e3d4182ef9..78d26daeba 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/dashboard/healthlogfilters_thumb_0_0.webp and b/static/images/auditor/10.8/admin/healthstatus/dashboard/healthlogfilters_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/dashboard/healthstatusdashboard_thumb_0_0.webp b/static/images/auditor/10.8/admin/healthstatus/dashboard/healthstatusdashboard_thumb_0_0.webp
index 76ceb68048..65192d355f 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/dashboard/healthstatusdashboard_thumb_0_0.webp and b/static/images/auditor/10.8/admin/healthstatus/dashboard/healthstatusdashboard_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview_thumb_0_0.webp b/static/images/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview_thumb_0_0.webp
index 0b21b09c06..57dbd6f40c 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview_thumb_0_0.webp and b/static/images/auditor/10.8/admin/healthstatus/dashboard/monitoringoverview_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/email_thumb_0_0.webp b/static/images/auditor/10.8/admin/healthstatus/email_thumb_0_0.webp
index cc05a61858..f45edd37a7 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/email_thumb_0_0.webp and b/static/images/auditor/10.8/admin/healthstatus/email_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/selfaudit_report.webp b/static/images/auditor/10.8/admin/healthstatus/selfaudit_report.webp
index 352c8c522c..031524290d 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/selfaudit_report.webp and b/static/images/auditor/10.8/admin/healthstatus/selfaudit_report.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/selfaudit_search_thumb_0_0.webp b/static/images/auditor/10.8/admin/healthstatus/selfaudit_search_thumb_0_0.webp
index 8aa379ae09..80747f669b 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/selfaudit_search_thumb_0_0.webp and b/static/images/auditor/10.8/admin/healthstatus/selfaudit_search_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/healthstatus/selfaudit_thumb_0_0.webp b/static/images/auditor/10.8/admin/healthstatus/selfaudit_thumb_0_0.webp
index 3d0f2d6a00..2ad972e937 100644
Binary files a/static/images/auditor/10.8/admin/healthstatus/selfaudit_thumb_0_0.webp and b/static/images/auditor/10.8/admin/healthstatus/selfaudit_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/activedirectory/mp_data_source_ad_omit_example.webp b/static/images/auditor/10.8/admin/monitoringplans/activedirectory/mp_data_source_ad_omit_example.webp
index 6edeb3851f..cee98bb05c 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/activedirectory/mp_data_source_ad_omit_example.webp and b/static/images/auditor/10.8/admin/monitoringplans/activedirectory/mp_data_source_ad_omit_example.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/ad_activitity_summary_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/ad_activitity_summary_thumb_0_0.webp
index 9a4582fc4d..b2fa529c78 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/ad_activitity_summary_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/ad_activitity_summary_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclude_users.webp b/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclude_users.webp
index f5bf3d5173..e8aaf5c0a0 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclude_users.webp and b/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclude_users.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclude_users_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclude_users_thumb_0_0.webp
index f5bf3d5173..e8aaf5c0a0 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclude_users_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclude_users_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclusions_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclusions_thumb_0_0.webp
index 29a98cf274..3577c36481 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclusions_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_computer_exclusions_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_emc_scope_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_emc_scope_thumb_0_0.webp
index 1d7fc59e92..4514f62733 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_emc_scope_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/fileservers/item_emc_scope_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/item_o365_basic_auth_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/item_o365_basic_auth_thumb_0_0.webp
index 626fd3bbff..3e4e1e3f38 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/item_o365_basic_auth_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/item_o365_basic_auth_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/mp_edit_data_source_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/mp_edit_data_source_thumb_0_0.webp
index 2552afac0f..fc3de2f6be 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/mp_edit_data_source_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/mp_edit_data_source_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step1.webp b/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step1.webp
index 9cec8a8560..a1c33893f2 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step1.webp and b/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step1.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step2.webp b/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step2.webp
index 8d1ec0e467..d514f1a95a 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step2.webp and b/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step2.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step_db_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step_db_thumb_0_0.webp
index 60751ace94..88f01908d2 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step_db_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/mp_wizard_step_db_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/oracle/hiw_diagram_oracle.webp b/static/images/auditor/10.8/admin/monitoringplans/oracle/hiw_diagram_oracle.webp
index d1a817c234..da93beefd3 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/oracle/hiw_diagram_oracle.webp and b/static/images/auditor/10.8/admin/monitoringplans/oracle/hiw_diagram_oracle.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/rbac-01.webp b/static/images/auditor/10.8/admin/monitoringplans/rbac-01.webp
index bc90446c5f..64b2d79bcf 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/rbac-01.webp and b/static/images/auditor/10.8/admin/monitoringplans/rbac-01.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_audit_select_rule_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_audit_select_rule_thumb_0_0.webp
index 5973b5410c..c985bd7d1b 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_audit_select_rule_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_audit_select_rule_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_audit_select_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_audit_select_thumb_0_0.webp
index 495ade9078..ed45363892 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_audit_select_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_audit_select_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_data_rule_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_data_rule_thumb_0_0.webp
index 359f55a4ae..2fee1fce16 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_data_rule_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_data_rule_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_users_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_users_thumb_0_0.webp
index 38e95955ae..4da75349b0 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_users_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/sqlserver/data_source_sql_users_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/tenantenvironment.webp b/static/images/auditor/10.8/admin/monitoringplans/tenantenvironment.webp
index 19c8bf6d73..7807557cdc 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/tenantenvironment.webp and b/static/images/auditor/10.8/admin/monitoringplans/tenantenvironment.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/updatecredentials.webp b/static/images/auditor/10.8/admin/monitoringplans/updatecredentials.webp
index 60826773f4..5deb44c03f 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/updatecredentials.webp and b/static/images/auditor/10.8/admin/monitoringplans/updatecredentials.webp differ
diff --git a/static/images/auditor/10.8/admin/monitoringplans/vmware/hiw_diagram_vma_thumb_0_0.webp b/static/images/auditor/10.8/admin/monitoringplans/vmware/hiw_diagram_vma_thumb_0_0.webp
index f00ecfd0b3..c496ea2739 100644
Binary files a/static/images/auditor/10.8/admin/monitoringplans/vmware/hiw_diagram_vma_thumb_0_0.webp and b/static/images/auditor/10.8/admin/monitoringplans/vmware/hiw_diagram_vma_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/activity_records.webp b/static/images/auditor/10.8/admin/navigation/activity_records.webp
index b49adb339a..a2b64c9b88 100644
Binary files a/static/images/auditor/10.8/admin/navigation/activity_records.webp and b/static/images/auditor/10.8/admin/navigation/activity_records.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/alerts_triggered.webp b/static/images/auditor/10.8/admin/navigation/alerts_triggered.webp
index 4217ae8541..4f8f15f9dd 100644
Binary files a/static/images/auditor/10.8/admin/navigation/alerts_triggered.webp and b/static/images/auditor/10.8/admin/navigation/alerts_triggered.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/environment_stats.webp b/static/images/auditor/10.8/admin/navigation/environment_stats.webp
index 37ac35c723..9b24484285 100644
Binary files a/static/images/auditor/10.8/admin/navigation/environment_stats.webp and b/static/images/auditor/10.8/admin/navigation/environment_stats.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/favoritesrestorerefresh.webp b/static/images/auditor/10.8/admin/navigation/favoritesrestorerefresh.webp
index 3693c8c7e1..52c39d98cc 100644
Binary files a/static/images/auditor/10.8/admin/navigation/favoritesrestorerefresh.webp and b/static/images/auditor/10.8/admin/navigation/favoritesrestorerefresh.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/hs_screen_default_report_1.webp b/static/images/auditor/10.8/admin/navigation/hs_screen_default_report_1.webp
index e0ba3c9e0f..c8a71539ab 100644
Binary files a/static/images/auditor/10.8/admin/navigation/hs_screen_default_report_1.webp and b/static/images/auditor/10.8/admin/navigation/hs_screen_default_report_1.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/managerecommendations.webp b/static/images/auditor/10.8/admin/navigation/managerecommendations.webp
index 0520cc6d5c..8477e77355 100644
Binary files a/static/images/auditor/10.8/admin/navigation/managerecommendations.webp and b/static/images/auditor/10.8/admin/navigation/managerecommendations.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/monitroing_plans_overview.webp b/static/images/auditor/10.8/admin/navigation/monitroing_plans_overview.webp
index 6e5a643a3a..7463d2e4e8 100644
Binary files a/static/images/auditor/10.8/admin/navigation/monitroing_plans_overview.webp and b/static/images/auditor/10.8/admin/navigation/monitroing_plans_overview.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/recommendations.webp b/static/images/auditor/10.8/admin/navigation/recommendations.webp
index e5cc7f493e..16381220ff 100644
Binary files a/static/images/auditor/10.8/admin/navigation/recommendations.webp and b/static/images/auditor/10.8/admin/navigation/recommendations.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/recommendations_tile.webp b/static/images/auditor/10.8/admin/navigation/recommendations_tile.webp
index 92dee239b3..1f76343eae 100644
Binary files a/static/images/auditor/10.8/admin/navigation/recommendations_tile.webp and b/static/images/auditor/10.8/admin/navigation/recommendations_tile.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/remove_tile.webp b/static/images/auditor/10.8/admin/navigation/remove_tile.webp
index ab67425029..da01841d06 100644
Binary files a/static/images/auditor/10.8/admin/navigation/remove_tile.webp and b/static/images/auditor/10.8/admin/navigation/remove_tile.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/reportsfavorites.webp b/static/images/auditor/10.8/admin/navigation/reportsfavorites.webp
index 61c24a84e1..d994358ef0 100644
Binary files a/static/images/auditor/10.8/admin/navigation/reportsfavorites.webp and b/static/images/auditor/10.8/admin/navigation/reportsfavorites.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/reportsoptions.webp b/static/images/auditor/10.8/admin/navigation/reportsoptions.webp
index 6dc7f8326a..e62118d79f 100644
Binary files a/static/images/auditor/10.8/admin/navigation/reportsoptions.webp and b/static/images/auditor/10.8/admin/navigation/reportsoptions.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/reportsummary.webp b/static/images/auditor/10.8/admin/navigation/reportsummary.webp
index e7c04e672f..f1761c25b6 100644
Binary files a/static/images/auditor/10.8/admin/navigation/reportsummary.webp and b/static/images/auditor/10.8/admin/navigation/reportsummary.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/scenario_reports_1.webp b/static/images/auditor/10.8/admin/navigation/scenario_reports_1.webp
index 91eff1e75a..091d2b7cd7 100644
Binary files a/static/images/auditor/10.8/admin/navigation/scenario_reports_1.webp and b/static/images/auditor/10.8/admin/navigation/scenario_reports_1.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/scenario_reports_2.webp b/static/images/auditor/10.8/admin/navigation/scenario_reports_2.webp
index 92bb11c9c3..60378ff828 100644
Binary files a/static/images/auditor/10.8/admin/navigation/scenario_reports_2.webp and b/static/images/auditor/10.8/admin/navigation/scenario_reports_2.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/scenario_risks_thumb_0_0.webp b/static/images/auditor/10.8/admin/navigation/scenario_risks_thumb_0_0.webp
index 806321a642..655b8dead8 100644
Binary files a/static/images/auditor/10.8/admin/navigation/scenario_risks_thumb_0_0.webp and b/static/images/auditor/10.8/admin/navigation/scenario_risks_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/section_left.webp b/static/images/auditor/10.8/admin/navigation/section_left.webp
index 52e2beb0fa..8143112b9d 100644
Binary files a/static/images/auditor/10.8/admin/navigation/section_left.webp and b/static/images/auditor/10.8/admin/navigation/section_left.webp differ
diff --git a/static/images/auditor/10.8/admin/navigation/welcome_section.webp b/static/images/auditor/10.8/admin/navigation/welcome_section.webp
index 49361e4f37..03f33956d2 100644
Binary files a/static/images/auditor/10.8/admin/navigation/welcome_section.webp and b/static/images/auditor/10.8/admin/navigation/welcome_section.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/allactivedirectorychanges_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/allactivedirectorychanges_thumb_0_0.webp
index 33e9367dc0..1a3c761004 100644
Binary files a/static/images/auditor/10.8/admin/reports/allactivedirectorychanges_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/allactivedirectorychanges_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/allchangesserver.webp b/static/images/auditor/10.8/admin/reports/allchangesserver.webp
index 52c67d4828..c0a3c3040c 100644
Binary files a/static/images/auditor/10.8/admin/reports/allchangesserver.webp and b/static/images/auditor/10.8/admin/reports/allchangesserver.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/allchangesserverfiltered.webp b/static/images/auditor/10.8/admin/reports/allchangesserverfiltered.webp
index e26eb730ca..6d9222400c 100644
Binary files a/static/images/auditor/10.8/admin/reports/allchangesserverfiltered.webp and b/static/images/auditor/10.8/admin/reports/allchangesserverfiltered.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/alluseractivityvideo_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/alluseractivityvideo_thumb_0_0.webp
index f8daabeb5e..6beb63eb79 100644
Binary files a/static/images/auditor/10.8/admin/reports/alluseractivityvideo_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/alluseractivityvideo_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/reports_tile.webp b/static/images/auditor/10.8/admin/reports/reports_tile.webp
index 7421b7175d..95ad6f0ebd 100644
Binary files a/static/images/auditor/10.8/admin/reports/reports_tile.webp and b/static/images/auditor/10.8/admin/reports/reports_tile.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/reviewstatus_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/reviewstatus_thumb_0_0.webp
index 3495ac3c40..342723dee0 100644
Binary files a/static/images/auditor/10.8/admin/reports/reviewstatus_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/reviewstatus_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/searchreports_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/searchreports_thumb_0_0.webp
index cec65fdbf4..6a04641cde 100644
Binary files a/static/images/auditor/10.8/admin/reports/searchreports_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/searchreports_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/customreport_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/types/customreport_thumb_0_0.webp
index 3b9deff254..9318a52c47 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/customreport_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/types/customreport_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/dashboard.webp b/static/images/auditor/10.8/admin/reports/types/dashboard.webp
index 14903aad0f..e32066fef5 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/dashboard.webp and b/static/images/auditor/10.8/admin/reports/types/dashboard.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/failedactivitytrend_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/types/failedactivitytrend_thumb_0_0.webp
index 35f923b705..eb88b0604d 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/failedactivitytrend_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/types/failedactivitytrend_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/stateintime/accountpermissionssqlserver_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/types/stateintime/accountpermissionssqlserver_thumb_0_0.webp
index 95fef30aa8..d0ce3b2f81 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/stateintime/accountpermissionssqlserver_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/types/stateintime/accountpermissionssqlserver_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/stateintime/fileshareswindowsservers.webp b/static/images/auditor/10.8/admin/reports/types/stateintime/fileshareswindowsservers.webp
index 06206e12e2..dfbe5a9350 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/stateintime/fileshareswindowsservers.webp and b/static/images/auditor/10.8/admin/reports/types/stateintime/fileshareswindowsservers.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/stateintime/objectpermissionssqlserver_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/types/stateintime/objectpermissionssqlserver_thumb_0_0.webp
index 0ecdb5a01c..61ee585664 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/stateintime/objectpermissionssqlserver_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/types/stateintime/objectpermissionssqlserver_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/stateintime/sqlserverdatabases_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/types/stateintime/sqlserverdatabases_thumb_0_0.webp
index 043e393493..98f8a516c8 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/stateintime/sqlserverdatabases_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/types/stateintime/sqlserverdatabases_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/stateintime/sqlserverlevelroles.webp b/static/images/auditor/10.8/admin/reports/types/stateintime/sqlserverlevelroles.webp
index 183603009f..593eca6bd6 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/stateintime/sqlserverlevelroles.webp and b/static/images/auditor/10.8/admin/reports/types/stateintime/sqlserverlevelroles.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/stateintime/sqlservermeansgranted.webp b/static/images/auditor/10.8/admin/reports/types/stateintime/sqlservermeansgranted.webp
index cb2c17ecb6..237ddd301b 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/stateintime/sqlservermeansgranted.webp and b/static/images/auditor/10.8/admin/reports/types/stateintime/sqlservermeansgranted.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/stateintime/sqlservermeansgranteddetails.webp b/static/images/auditor/10.8/admin/reports/types/stateintime/sqlservermeansgranteddetails.webp
index cca69d988b..e708426c32 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/stateintime/sqlservermeansgranteddetails.webp and b/static/images/auditor/10.8/admin/reports/types/stateintime/sqlservermeansgranteddetails.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/stateintime/windowsserverinventory_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/types/stateintime/windowsserverinventory_thumb_0_0.webp
index 42b396b15c..f58ab31d36 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/stateintime/windowsserverinventory_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/types/stateintime/windowsserverinventory_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/reports/types/userbehaviorblindspotanalysis_thumb_0_0.webp b/static/images/auditor/10.8/admin/reports/types/userbehaviorblindspotanalysis_thumb_0_0.webp
index b69663c272..5c6cca14f7 100644
Binary files a/static/images/auditor/10.8/admin/reports/types/userbehaviorblindspotanalysis_thumb_0_0.webp and b/static/images/auditor/10.8/admin/reports/types/userbehaviorblindspotanalysis_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/riskassessment/dashboard_thumb_0_0.webp b/static/images/auditor/10.8/admin/riskassessment/dashboard_thumb_0_0.webp
index 6eff78db55..c32ef781bb 100644
Binary files a/static/images/auditor/10.8/admin/riskassessment/dashboard_thumb_0_0.webp and b/static/images/auditor/10.8/admin/riskassessment/dashboard_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/riskassessment/edit_data_source_sit.webp b/static/images/auditor/10.8/admin/riskassessment/edit_data_source_sit.webp
index fb230b87ab..a4bd71bb3a 100644
Binary files a/static/images/auditor/10.8/admin/riskassessment/edit_data_source_sit.webp and b/static/images/auditor/10.8/admin/riskassessment/edit_data_source_sit.webp differ
diff --git a/static/images/auditor/10.8/admin/riskassessment/edit_mp_open_ds_settings_thumb_0_0.webp b/static/images/auditor/10.8/admin/riskassessment/edit_mp_open_ds_settings_thumb_0_0.webp
index 0f57804ab3..f73d37242a 100644
Binary files a/static/images/auditor/10.8/admin/riskassessment/edit_mp_open_ds_settings_thumb_0_0.webp and b/static/images/auditor/10.8/admin/riskassessment/edit_mp_open_ds_settings_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/riskassessment/edit_mp_store_data_to_db_thumb_0_0.webp b/static/images/auditor/10.8/admin/riskassessment/edit_mp_store_data_to_db_thumb_0_0.webp
index 56e316208e..fe4f29c322 100644
Binary files a/static/images/auditor/10.8/admin/riskassessment/edit_mp_store_data_to_db_thumb_0_0.webp and b/static/images/auditor/10.8/admin/riskassessment/edit_mp_store_data_to_db_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/riskassessment/modify_thresholds_thumb_0_0.webp b/static/images/auditor/10.8/admin/riskassessment/modify_thresholds_thumb_0_0.webp
index 36cfd6492f..5540d66d21 100644
Binary files a/static/images/auditor/10.8/admin/riskassessment/modify_thresholds_thumb_0_0.webp and b/static/images/auditor/10.8/admin/riskassessment/modify_thresholds_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/search/add.webp b/static/images/auditor/10.8/admin/search/add.webp
index fe874c2de8..b80e318f5d 100644
Binary files a/static/images/auditor/10.8/admin/search/add.webp and b/static/images/auditor/10.8/admin/search/add.webp differ
diff --git a/static/images/auditor/10.8/admin/search/addsuggestions.webp b/static/images/auditor/10.8/admin/search/addsuggestions.webp
index c064ff8445..0877f34ebf 100644
Binary files a/static/images/auditor/10.8/admin/search/addsuggestions.webp and b/static/images/auditor/10.8/admin/search/addsuggestions.webp differ
diff --git a/static/images/auditor/10.8/admin/search/advanced_thumb_0_0.webp b/static/images/auditor/10.8/admin/search/advanced_thumb_0_0.webp
index f62b7a75d0..8dee1f150c 100644
Binary files a/static/images/auditor/10.8/admin/search/advanced_thumb_0_0.webp and b/static/images/auditor/10.8/admin/search/advanced_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/search/advancedexample_thumb_0_0.webp b/static/images/auditor/10.8/admin/search/advancedexample_thumb_0_0.webp
index b7c54a8963..b8c1986d67 100644
Binary files a/static/images/auditor/10.8/admin/search/advancedexample_thumb_0_0.webp and b/static/images/auditor/10.8/admin/search/advancedexample_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/search/advancedfilters_thumb_0_0.webp b/static/images/auditor/10.8/admin/search/advancedfilters_thumb_0_0.webp
index ca5313e4bc..8a02df9b0c 100644
Binary files a/static/images/auditor/10.8/admin/search/advancedfilters_thumb_0_0.webp and b/static/images/auditor/10.8/admin/search/advancedfilters_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/search/search_filter.webp b/static/images/auditor/10.8/admin/search/search_filter.webp
index 655cdef9ca..83e37c0e04 100644
Binary files a/static/images/auditor/10.8/admin/search/search_filter.webp and b/static/images/auditor/10.8/admin/search/search_filter.webp differ
diff --git a/static/images/auditor/10.8/admin/search/search_modify_filter.webp b/static/images/auditor/10.8/admin/search/search_modify_filter.webp
index 0500497e81..638f33f643 100644
Binary files a/static/images/auditor/10.8/admin/search/search_modify_filter.webp and b/static/images/auditor/10.8/admin/search/search_modify_filter.webp differ
diff --git a/static/images/auditor/10.8/admin/search/search_nofilter_1.webp b/static/images/auditor/10.8/admin/search/search_nofilter_1.webp
index f41eebf8e0..d14b619b55 100644
Binary files a/static/images/auditor/10.8/admin/search/search_nofilter_1.webp and b/static/images/auditor/10.8/admin/search/search_nofilter_1.webp differ
diff --git a/static/images/auditor/10.8/admin/search/search_tile.webp b/static/images/auditor/10.8/admin/search/search_tile.webp
index 8cd32c843a..4730e4dc62 100644
Binary files a/static/images/auditor/10.8/admin/search/search_tile.webp and b/static/images/auditor/10.8/admin/search/search_tile.webp differ
diff --git a/static/images/auditor/10.8/admin/settings/audit_db_settings_thumb_0_0.webp b/static/images/auditor/10.8/admin/settings/audit_db_settings_thumb_0_0.webp
index 8c14b856f3..899708de25 100644
Binary files a/static/images/auditor/10.8/admin/settings/audit_db_settings_thumb_0_0.webp and b/static/images/auditor/10.8/admin/settings/audit_db_settings_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/settings/lta_settings_thumb_0_0.webp b/static/images/auditor/10.8/admin/settings/lta_settings_thumb_0_0.webp
index d74ca8ac5a..a697e0f29f 100644
Binary files a/static/images/auditor/10.8/admin/settings/lta_settings_thumb_0_0.webp and b/static/images/auditor/10.8/admin/settings/lta_settings_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/settings/npsclientcertificate.webp b/static/images/auditor/10.8/admin/settings/npsclientcertificate.webp
index 31d2020cdf..0d8576b65a 100644
Binary files a/static/images/auditor/10.8/admin/settings/npsclientcertificate.webp and b/static/images/auditor/10.8/admin/settings/npsclientcertificate.webp differ
diff --git a/static/images/auditor/10.8/admin/settings/npsintegrationfinished.webp b/static/images/auditor/10.8/admin/settings/npsintegrationfinished.webp
index 1c09e58826..771815fd54 100644
Binary files a/static/images/auditor/10.8/admin/settings/npsintegrationfinished.webp and b/static/images/auditor/10.8/admin/settings/npsintegrationfinished.webp differ
diff --git a/static/images/auditor/10.8/admin/settings/npsintegrationparameters.webp b/static/images/auditor/10.8/admin/settings/npsintegrationparameters.webp
index 51c099c1ac..a5a35254ac 100644
Binary files a/static/images/auditor/10.8/admin/settings/npsintegrationparameters.webp and b/static/images/auditor/10.8/admin/settings/npsintegrationparameters.webp differ
diff --git a/static/images/auditor/10.8/admin/settings/report_rebranding_result_thumb_0_0.webp b/static/images/auditor/10.8/admin/settings/report_rebranding_result_thumb_0_0.webp
index c803ac5131..3be93eed35 100644
Binary files a/static/images/auditor/10.8/admin/settings/report_rebranding_result_thumb_0_0.webp and b/static/images/auditor/10.8/admin/settings/report_rebranding_result_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/settings/report_rebranding_thumb_0_0.webp b/static/images/auditor/10.8/admin/settings/report_rebranding_thumb_0_0.webp
index e1f88e4339..7fb99f35f8 100644
Binary files a/static/images/auditor/10.8/admin/settings/report_rebranding_thumb_0_0.webp and b/static/images/auditor/10.8/admin/settings/report_rebranding_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/admin/settings/usersessions_storage.webp b/static/images/auditor/10.8/admin/settings/usersessions_storage.webp
index 82205b0624..bc76926d02 100644
Binary files a/static/images/auditor/10.8/admin/settings/usersessions_storage.webp and b/static/images/auditor/10.8/admin/settings/usersessions_storage.webp differ
diff --git a/static/images/auditor/10.8/admin/subscriptions/subscription.webp b/static/images/auditor/10.8/admin/subscriptions/subscription.webp
index 58b8931c35..b8d01ddd0f 100644
Binary files a/static/images/auditor/10.8/admin/subscriptions/subscription.webp and b/static/images/auditor/10.8/admin/subscriptions/subscription.webp differ
diff --git a/static/images/auditor/10.8/api/apiactivity_thumb_0_0.webp b/static/images/auditor/10.8/api/apiactivity_thumb_0_0.webp
index 73e101f626..37c45c202b 100644
Binary files a/static/images/auditor/10.8/api/apiactivity_thumb_0_0.webp and b/static/images/auditor/10.8/api/apiactivity_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/api/apiactivitydetails.webp b/static/images/auditor/10.8/api/apiactivitydetails.webp
index 55c0b12d98..207c623297 100644
Binary files a/static/images/auditor/10.8/api/apiactivitydetails.webp and b/static/images/auditor/10.8/api/apiactivitydetails.webp differ
diff --git a/static/images/auditor/10.8/api/diagram_thumb_0_0.webp b/static/images/auditor/10.8/api/diagram_thumb_0_0.webp
index a9bdf78787..33bcfbdd4a 100644
Binary files a/static/images/auditor/10.8/api/diagram_thumb_0_0.webp and b/static/images/auditor/10.8/api/diagram_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/configuration/activedirectory/mp_wizard_step1_ad_thumb_0_0.webp b/static/images/auditor/10.8/configuration/activedirectory/mp_wizard_step1_ad_thumb_0_0.webp
index 459933bb4d..8246f64591 100644
Binary files a/static/images/auditor/10.8/configuration/activedirectory/mp_wizard_step1_ad_thumb_0_0.webp and b/static/images/auditor/10.8/configuration/activedirectory/mp_wizard_step1_ad_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/configuration/activedirectoryfederatedservices/mp_adfs_listing_thumb_0_0.webp b/static/images/auditor/10.8/configuration/activedirectoryfederatedservices/mp_adfs_listing_thumb_0_0.webp
index 89b4e79ce8..4f881e7a50 100644
Binary files a/static/images/auditor/10.8/configuration/activedirectoryfederatedservices/mp_adfs_listing_thumb_0_0.webp and b/static/images/auditor/10.8/configuration/activedirectoryfederatedservices/mp_adfs_listing_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/configuration/activedirectoryfederatedservices/mp_data_source_ad_fs_thumb_0_0.webp b/static/images/auditor/10.8/configuration/activedirectoryfederatedservices/mp_data_source_ad_fs_thumb_0_0.webp
index 258317bb8c..36a0619bbc 100644
Binary files a/static/images/auditor/10.8/configuration/activedirectoryfederatedservices/mp_data_source_ad_fs_thumb_0_0.webp and b/static/images/auditor/10.8/configuration/activedirectoryfederatedservices/mp_data_source_ad_fs_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/configuration/fileservers/nutanix/nutanix_item_mp_thumb_0_0.webp b/static/images/auditor/10.8/configuration/fileservers/nutanix/nutanix_item_mp_thumb_0_0.webp
index 0fe1f49955..a26dec70f5 100644
Binary files a/static/images/auditor/10.8/configuration/fileservers/nutanix/nutanix_item_mp_thumb_0_0.webp and b/static/images/auditor/10.8/configuration/fileservers/nutanix/nutanix_item_mp_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/configuration/fileservers/nutanix/nutanix_item_restapi_thumb_0_0.webp b/static/images/auditor/10.8/configuration/fileservers/nutanix/nutanix_item_restapi_thumb_0_0.webp
index aca2aa2591..5e0b5e3e07 100644
Binary files a/static/images/auditor/10.8/configuration/fileservers/nutanix/nutanix_item_restapi_thumb_0_0.webp and b/static/images/auditor/10.8/configuration/fileservers/nutanix/nutanix_item_restapi_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/configuration/grouppolicy/npsdatacollectingaccount.webp b/static/images/auditor/10.8/configuration/grouppolicy/npsdatacollectingaccount.webp
index 20e10c34c4..2dceb0744e 100644
Binary files a/static/images/auditor/10.8/configuration/grouppolicy/npsdatacollectingaccount.webp and b/static/images/auditor/10.8/configuration/grouppolicy/npsdatacollectingaccount.webp differ
diff --git a/static/images/auditor/10.8/configuration/grouppolicy/npsdatacollectingaccountresourced.webp b/static/images/auditor/10.8/configuration/grouppolicy/npsdatacollectingaccountresourced.webp
index 98c8a5f965..6b30a93b2a 100644
Binary files a/static/images/auditor/10.8/configuration/grouppolicy/npsdatacollectingaccountresourced.webp and b/static/images/auditor/10.8/configuration/grouppolicy/npsdatacollectingaccountresourced.webp differ
diff --git a/static/images/auditor/10.8/configuration/windowsserver/customregistrykey.webp b/static/images/auditor/10.8/configuration/windowsserver/customregistrykey.webp
index 05290d8a4e..599a2955e5 100644
Binary files a/static/images/auditor/10.8/configuration/windowsserver/customregistrykey.webp and b/static/images/auditor/10.8/configuration/windowsserver/customregistrykey.webp differ
diff --git a/static/images/auditor/10.8/install/installationscreen.webp b/static/images/auditor/10.8/install/installationscreen.webp
index f8bcf76c38..374ef7c0ff 100644
Binary files a/static/images/auditor/10.8/install/installationscreen.webp and b/static/images/auditor/10.8/install/installationscreen.webp differ
diff --git a/static/images/auditor/10.8/install/welcome_screen.webp b/static/images/auditor/10.8/install/welcome_screen.webp
index 673b8b5681..30b9ef6c94 100644
Binary files a/static/images/auditor/10.8/install/welcome_screen.webp and b/static/images/auditor/10.8/install/welcome_screen.webp differ
diff --git a/static/images/auditor/10.8/install/welcome_screen_thumb_0_0.webp b/static/images/auditor/10.8/install/welcome_screen_thumb_0_0.webp
index 673b8b5681..5d7f7e18bd 100644
Binary files a/static/images/auditor/10.8/install/welcome_screen_thumb_0_0.webp and b/static/images/auditor/10.8/install/welcome_screen_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/requirements/archive_modify_settings_thumb_0_0.webp b/static/images/auditor/10.8/requirements/archive_modify_settings_thumb_0_0.webp
index 400a1488af..a697e0f29f 100644
Binary files a/static/images/auditor/10.8/requirements/archive_modify_settings_thumb_0_0.webp and b/static/images/auditor/10.8/requirements/archive_modify_settings_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/requirements/audit_db_settings.webp b/static/images/auditor/10.8/requirements/audit_db_settings.webp
index 8c14b856f3..0b64d873d5 100644
Binary files a/static/images/auditor/10.8/requirements/audit_db_settings.webp and b/static/images/auditor/10.8/requirements/audit_db_settings.webp differ
diff --git a/static/images/auditor/10.8/requirements/auditorarchitecture_thumb_0_0.webp b/static/images/auditor/10.8/requirements/auditorarchitecture_thumb_0_0.webp
index 75eef5159c..325a2a874e 100644
Binary files a/static/images/auditor/10.8/requirements/auditorarchitecture_thumb_0_0.webp and b/static/images/auditor/10.8/requirements/auditorarchitecture_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/requirements/gmsa.webp b/static/images/auditor/10.8/requirements/gmsa.webp
index e7125a1315..bbba5c7fef 100644
Binary files a/static/images/auditor/10.8/requirements/gmsa.webp and b/static/images/auditor/10.8/requirements/gmsa.webp differ
diff --git a/static/images/auditor/10.8/requirements/na_setup_select_type_thumb_0_0.webp b/static/images/auditor/10.8/requirements/na_setup_select_type_thumb_0_0.webp
index dd81d58b94..f803190615 100644
Binary files a/static/images/auditor/10.8/requirements/na_setup_select_type_thumb_0_0.webp and b/static/images/auditor/10.8/requirements/na_setup_select_type_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/tools/assessment_results_thumb_0_0.webp b/static/images/auditor/10.8/tools/assessment_results_thumb_0_0.webp
index d956dcd592..4ac2c1fd65 100644
Binary files a/static/images/auditor/10.8/tools/assessment_results_thumb_0_0.webp and b/static/images/auditor/10.8/tools/assessment_results_thumb_0_0.webp differ
diff --git a/static/images/auditor/10.8/tools/audit_cfg_assist_creds.webp b/static/images/auditor/10.8/tools/audit_cfg_assist_creds.webp
index 80c62e40b9..65842327c6 100644
Binary files a/static/images/auditor/10.8/tools/audit_cfg_assist_creds.webp and b/static/images/auditor/10.8/tools/audit_cfg_assist_creds.webp differ