Just finished developing this tool….Here is my Video log on the Tool
The software is now available on github
The FIM 2010 R2/MIM 2016 Object audit tool is designed to give Auditors and Security professionals a tool to examine the request logs of FIM when there is an incident investigation. It also gives FIM Administrators a tool to review FIM activity and plan for the future.
It offers 3 options
- Query the logs for who made a change on an object in a particular time frame.
- Query the logs for when a change was made on a particular object.
- Query the logs for when a particular attribute was changed on an Object.
- Query the logs for changes (Updates/Creates) to an Object in a particular time frame. With option to export the results.
- A mini summary of Object activity in a particular time frame. With option to export the results.