|host_description| - NTDS

Windows - NTDS - Auths (WMI) |host_description| - NTDS - Auths 1 120 500 on on 2 on on 100 0 1000 auths per/sec hash_080016eab6dbee49011c47a2f132de605ec21d FF0000 FF 4 1 0 hash_060016e9c43831e54eca8069317a2ce8c6f751 Kerberos Auths: 5 hash_080016eab6dbee49011c47a2f132de605ec21d 0 FF 9 4 0 hash_060016e9c43831e54eca8069317a2ce8c6f751 Current: 6 hash_080016eab6dbee49011c47a2f132de605ec21d 0 FF 9 1 0 hash_060016e9c43831e54eca8069317a2ce8c6f751 Average: 7 hash_080016eab6dbee49011c47a2f132de605ec21d 0 FF 9 3 0 hash_060016e9c43831e54eca8069317a2ce8c6f751 Maximum: on 8 hash_08001605faecbe907ab2633fe694a750f0e9e6 4444FF FF 4 1 0 hash_060016e9c43831e54eca8069317a2ce8c6f751 NTLM Auths: 9 hash_08001605faecbe907ab2633fe694a750f0e9e6 0 FF 9 4 0 hash_060016e9c43831e54eca8069317a2ce8c6f751 Current: 10 hash_08001605faecbe907ab2633fe694a750f0e9e6 0 FF 9 1 0 hash_060016e9c43831e54eca8069317a2ce8c6f751 Average: 11 hash_08001605faecbe907ab2633fe694a750f0e9e6 0 FF 9 3 0 hash_060016e9c43831e54eca8069317a2ce8c6f751 Maximum: on 12 Data Source [NTLMAuths] task_item_id hash_00001642ee1eac7d42cc0675bc6bc32056ce0a|hash_000016fc7b4e759bfca27973814c382120ab62|hash_000016435b5f64151f980a6be8810cbd677954|hash_00001602d5afff15ab95f2301e3abcb97db6dd Data Source [KerberosAuths] task_item_id hash_00001691e69fe0470bd740707d6600ab6c3397|hash_0000167f83ed18442c3992315b6ecc11848746|hash_000016ef04d702398184d6271991872d2191b4|hash_000016228cc080906d291fd8d108975f3bf3f3 Windows - NTDS - DS (WMI) |host_description| - NTDS - DS hash_030016e8ad067611631abf48be5adaabeb6d91 300 on hash_150016c21df5178e5c955013591239eb0afd46|hash_1500160d9c0af8b8acdc7807943937b3208e29|hash_1500166fc2d038fb42950138b0ce3e9874cc60|hash_150016e36f3adb9f152adfa5dc50fd2b23337e Binds 0 100000000000 2 600 hash_0700164afd93c517a623d27b073aef36af239f NameTranslations 0 100000000000 2 600 hash_0700160e4c8cd0a3c1c0a514795df1df6646f9 Reads 0 100000000000 2 600 hash_07001631bedde7ad11dcef9a80549f4235a408 Searches 0 100000000000 2 600 hash_070016325418f7062efb2246f9c59fdcecb180 Writes 0 100000000000 2 600 hash_070016e8a332821bf54e50615da5f0889809f3 KerberosAuths 0 100000000000 2 600 hash_070016d14fa9d86687447d66feaed62e4c04ad NTLMAuths 0 100000000000 2 600 hash_07001639c1cacfb7e24eb8b3df033503939963 hash_070016e1be275015382807006fcc5f0a334d0f hash_07001617604fa0bde1479a81d5e343a8365124 hash_070016ac03e736b666de5cc9f57be8cfc5f08c Win32_PerfRawData_NTDS_NTDS hash_07001630bfcd5c65edaaeced18df3da45ed35f DSClientBindsPersec,DSClientNameTranslationsPersec,DSDirectoryReadsPersec,DSDirectorySearchesPersec,DSDirectoryWritesPersec,KerberosAuthentications,NTLMAuthentications hash_07001635f8275412491d899fbb6694c2fe9fbe credential hash_070016c0fde84802c8917276c75f12dc0e775a WMI - NTDS (DS) 1 /usr/bin/php -q /path/to/wmi.php <host> <credential> <class> <columns> <filter> <filterval> Hostname hostname in host Credential in credential Class in class Columns in columns Filter on in filter Filter Value on in filterval DSClientBindsPersec on out DSClientBindsPersec DSClientNameTranslationsPersec on out DSClientNameTranslationsPersec DSDirectoryReadsPersec on out DSDirectoryReadsPersec DSDirectorySearchesPersec on out DSDirectorySearchesPersec DSDirectoryWritesPersec on out DSDirectoryWritesPersec NTLMAuthentications on out NTLMAuthentications KerberosAuthentications on out KerberosAuthentications Daily (5 Minute Average) 0.5 1 600 86400 1|2|3|4 Weekly (30 Minute Average) 0.5 6 700 604800 1|2|3|4 Monthly (2 Hour Average) 0.5 24 775 2678400 1|2|3|4 Yearly (1 Day Average) 0.5 288 797 33053184 1|2|3|4 Normal %8.2lf %s