How to Monitor Active Directory With Google Stackdriver

Set up monitoring and configure templates for monitoring your Active Directory.

by Kyle Bederka · Nov. 15, 19 · Tutorial


Configure Google Stackdriver and BindPlane to monitor your Active Directory


What is Active Directory?

Active Directory stores information about objects handled on a network and makes it easy for admins and other users to access and utilize the data. When using the Active Directory Domain Service (AD DS) on a server, you get a domain controller. A domain controller automatically authenticates and authorizes all of the devices and users on the network, easily assigning and enforcing the security policies. Active Directory also includes the ability to create a schema that allows you to define classes and constraints for objects and attributes that are found in the directory. Another useful tool that can be found in AD is the replication service that distributes the directory data across the network.


Stackdriver for Microsoft Active Directory

Before you start setting up Active Directory observability with Stackdriver, you may be wondering, “Why would I want to monitor Active Directory when it does everything automatically?” As you most likely know, cybersecurity and data integrity are extremely important when it comes to protecting your organization’s assets. Implementing Google Stackdriver with BindPlane logs to monitor the data collected by AD DS and its other services will let you check all of the log-on attempts and authorizations that occur on your network. You can also use this data to understand if there are any unauthorized log-ons or access attempts, and see how frequently they are occurring. Google Stackdriver will make this easy through the use of the logging feature, which allows you to create custom alerts and dashboards, giving you easy visibility into the security activity of your network. Along with security, you can use Stackdriver to monitor the integrity of your data that is stored throughout your network.

AD and Stackdriver





Getting Started: Monitoring Active Directory via Logs

If you’re like most DevOps practitioners, you’ve probably increased your use of log tools to monitor networks and infrastructure. Whether they are being used to monitor systems health or network security, log tools provide valuable insights that you would otherwise need to do some serious digging and synthesizing to find. This can turn into a very expensive environment to deal with when relying on SIEM tools. To get you started streaming logs to help you monitor your Active Directory, we will take you through a quick overview of how to set up AD with BindPlane, a free-to-use tool, to seamlessly integrate the service into Stackdriver.


First Time Setup: Installing an Agent

If it is your first time setting up BindPlane, then you will need to install your agent. You will find the agent page in the logs tab on BindPlane; there, select the “add agent” button.

Add agent button



Once you follow the prompts to configure and install the agent, you will be prompted to select the deployment platform (Windows, Linux, or Kubernetes) to install the agent on and to follow the on-screen instructions. For a more in-depth explanation of configuring your new agent, visit BindPlane’s Agent documents page. Once the Agent is deployed, you will be able to view the Agent status as shown below:


Agent Status




Create Destination

The next step in setting up your log monitoring is to create your Destination. The Destination is where you want to send your logs. In this case, your destination will be Stackdriver. To create the destination, navigate to the agent, select “Deploy Destination,” and choose “Add new.”

Adding destination




After selecting Google Stackdriver, you will need to configure your new destination. Here you will link your GCP project and Stackdriver account to BindPlane. A Google IAM service account is required, as are certain API activations. For more information on configuring your destination for the first time, visit our destination documentation page.

Configure stackdriver destination




Create a Source

Now that you have your Agent set up and your destination configured, it is time to create your source. The source is where you will be collecting your logs from, and in this case the source will be Active Directory. To set up AD as your new source, the first thing you will do in BindPlane Logs is select “Deploy source” and choose “Add Source Configuration.” Once that is done, you will then choose Active Directory to set up logs monitoring.

Once you have selected AD, fill in the required fields and click “Create.” For more information about the fields, you can mouse over the tooltip to learn more.

Configure Active Directory Source



Now that you have configured all of the steps, you can return to the agent screen and see your Agent status, Destination configuration, and source configuration.

Agent overview



Creating and Using Templates

BindPlane Logs also gives you the ability to create templates for your configurations. Using these templates will save you a lot of time when you have multiple deployments with only a couple of differences. For example, you may have multiple sources you want to monitor, but they all run on the same agent and deploy to the same destination. Using these templates will allow you to have those agents and destinations pre-configured, which just leaves you with configuring the different sources.

Template



Benefits of Using Stackdriver Logging

When monitoring your Active Directory, the number of logs being output from your system will be overwhelming to comb through to find anything of importance. To help with this, Stackdriver Logging comes with the capability to create alerts that notify you when a certain event is triggered. For example, alerts can be set up for Active Directory to notify you if any of the constraints or limits you created for the objects in your schema have been violated. The log data streamed by BindPlane includes a JSON payload that gives you a more contextual look at what is included within each log entry, such as the container ID, the severity level, and other insights depending on the event.

AD logging



For example, you can track all of the log-on attempts that occur on your Active Directory. These graphs also allow you to filter by time, helping you dive deeper into the data and gain better insight into any issues you may be having.
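To make the log-on tracking above concrete, here is an added example (not from the original article, and not BindPlane or Stackdriver code) that counts failed log-ons per account in a sliding window over exported log entries. The entry layout and the `event_id`, `target_user`, and `source_ip` field names are assumptions, as are the window and threshold; 4625 is the Windows Security event ID for a failed log-on.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample entries, one JSON object per line. The field names
# (event_id, target_user, source_ip) are assumptions, not BindPlane's schema.
SAMPLE_ENTRIES = """\
{"timestamp": "2019-11-15T10:00:00Z", "severity": "WARNING", "jsonPayload": {"event_id": 4625, "target_user": "alice", "source_ip": "10.0.4.20"}}
{"timestamp": "2019-11-15T10:00:05Z", "severity": "WARNING", "jsonPayload": {"event_id": 4625, "target_user": "svc-backup", "source_ip": "10.0.4.17"}}
{"timestamp": "2019-11-15T10:01:10Z", "severity": "WARNING", "jsonPayload": {"event_id": 4625, "target_user": "svc-backup", "source_ip": "10.0.4.17"}}
this line is truncated and is not valid JSON
{"timestamp": "2019-11-15T10:02:30Z", "severity": "WARNING", "jsonPayload": {"event_id": 4625, "target_user": "svc-backup", "source_ip": "10.0.4.17"}}
{"timestamp": "2019-11-15T10:07:00Z", "severity": "WARNING", "jsonPayload": {"event_id": 4625, "target_user": "alice", "source_ip": "10.0.4.20"}}
{"timestamp": "2019-11-15T10:20:00Z", "severity": "WARNING", "jsonPayload": {"event_id": 4625, "target_user": "alice", "source_ip": "10.0.4.20"}}
{"timestamp": "2019-11-15T10:21:00Z", "severity": "INFO", "jsonPayload": {"event_id": 4624, "target_user": "alice", "source_ip": "10.0.4.20"}}
"""

FAILED_LOGON = 4625            # Windows Security event: an account failed to log on
WINDOW = timedelta(minutes=5)  # sliding window (assumed tuning value)
THRESHOLD = 3                  # failures per account per window (assumed)


def parse(line):
    """Return (timestamp, payload), or None for a line that cannot be parsed."""
    try:
        entry = json.loads(line)
        ts = datetime.strptime(entry["timestamp"], "%Y-%m-%dT%H:%M:%SZ")
        return ts, entry.get("jsonPayload") or {}
    except (ValueError, KeyError, TypeError, AttributeError):
        return None


def failed_logon_bursts(text, window=WINDOW, threshold=THRESHOLD):
    """Map each account to the time it first reached `threshold` failed
    log-ons inside one sliding `window`."""
    parsed = filter(None, (parse(l) for l in text.splitlines() if l.strip()))
    recent, alerts = defaultdict(deque), {}
    for ts, payload in sorted(parsed, key=lambda item: item[0]):
        if payload.get("event_id") != FAILED_LOGON:
            continue
        user = payload.get("target_user", "<unknown>")
        times = recent[user]
        times.append(ts)
        while ts - times[0] > window:   # drop failures older than the window
            times.popleft()
        if len(times) >= threshold:
            alerts.setdefault(user, ts)
    return alerts


if __name__ == "__main__":
    for user, when in failed_logon_bursts(SAMPLE_ENTRIES).items():
        print(f"ALERT {user}: {THRESHOLD}+ failed log-ons within {WINDOW} at {when}")
```

Failures spread over a long period (the `alice` entries here) stay below the threshold, while a burst against one account is flagged once, at the moment the threshold is reached.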

Further Reading

Stackdriver Logging - Google Cloud Logging Service

Azure Active Directory Is Not Active Directory!
