Starting today, we are launching a video series that will show you how to use NetIQ product more effectively and answer many of the common ‘how do you do that?’ questions we receive. We will be adding short videos regularly that will expand on what you already know or have picked up from this series.

We’ll start out by showing NetIQ Change Guardian for Windows users how to create filters to monitor a critical windows file folder for activity.

Create File Filters

Change Guardian for Windows lets you monitor for and be alerted to unauthorized access to critical information stored in files or folders on a Microsoft Windows machine.  This video demonstrates how to configure Change Guardian for Windows to monitor a folder as well as set the windows of time that accessing these files would be normal or abnormal.

I hope this is useful; stay tuned for the next installment and if there is something you would really like us to cover do not hesitate to ask.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply


  • Anonymous says:

    ..the life of Qmunity and to quote many a British pantomime "what do you think of it so far?"

  • SzZsolt says:

    The video shows a very good BAD example how to mess up a filter…
    1) the first rule in the beginning contained also the deletion rule enabled as well, the deletion rule was the second. By processing the CGW rules, I presume, that the second rule is never called this way.
    2) In the current situation the file was DELETED by the presenter user, but in behind windows just MOVED it to the RECYCLER. Therefore the deletion rule will never be called (and the monitoring user will always have to browse among the Warnings for deletions), unless the user deletes with SHIFT+DEL…
    Bad example, bad practice…

  • NetIQ says:

    Thanks IRM Expert for the feedback. I agree this is not a great example. I really appreciate you first viewing the video and taking the time to comment. We are excited about developing more content for Qmunity and you have pointed out what my next video will be.



  • SzZsolt says:

    You are always welcome!
    Oh, and looking forward to see more video in the series.

  • rucihto says:

    hi there,..i’m a user who use this change guardian for windows filter, but unfortunately my NetIQ Security Manager (central computer, database+reporting server and log archive server) are in the management segment and only open port 1270/TCP for communicate from agent to central computer, when i want to configure CGW, i figured the problem that my central computer could not communicate with agents…is there any port should be opened to enable this CGW…your video only shows in ideal situation….

By: NetIQ
Feb 5, 2009
1:50 pm
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow