home home
Other Sites
  • ArcticWolf.com
  • Unified Portal
  • Arctic Circle Community
  • Technical Support Knowledge Base
Request a Demo Internal Documentation
  • Aurora Endpoint Security
  • Managed Detection and Response (MDR)
  • Aurora Attack Surface Management (Aurora ASM)
  • Aurora Vulnerability Management (Aurora VM)
  • Managed Security Awareness (MA)
  • Incident Readiness and Response
  • Arctic Wolf Unified Portal
  • MSP Portal
  • Authentication
  • Sensors, Scanners, and Log Collectors
  • Arctic Wolf Agent
  • Onboarding Portal
  • Active Response, Log Forwarding, and Security Monitoring
  • Active Directory
  • Cloud Security Posture Management (CSPM)
  • IT Service Management (ITSM)
  • Developer and OEM
  • Product Updates
  • Additional Information about Products and Services
  • Legacy Risk Dashboard
  • Legacy Analytics
  • English
  • 日本語
  • Deutsch
  • Français
Sign In
  • Aurora Endpoint Security
  • Managed Detection and Response (MDR)
  • Aurora Attack Surface Management (Aurora ASM)
  • Aurora Vulnerability Management (Aurora VM)
  • Managed Security Awareness (MA)
  • Incident Readiness and Response
  • Arctic Wolf Unified Portal
  • MSP Portal
  • Authentication
  • Sensors, Scanners, and Log Collectors
  • Arctic Wolf Agent
  • Onboarding Portal
  • Active Response, Log Forwarding, and Security Monitoring
  • Active Directory
  • Cloud Security Posture Management (CSPM)
  • IT Service Management (ITSM)
  • Developer and OEM
  • Product Updates
  • Additional Information about Products and Services
  • Legacy Risk Dashboard
  • Legacy Analytics
  • English
  • 日本語
  • Deutsch
  • Français
  • ArcticWolf.com
  • Unified Portal
  • Arctic Circle Community
  • Technical Support Knowledge Base
Request a Demo
Internal Documentation
Sign In

Active Directory

Active Directory
  • Active Directory
    • Configure AD Sensor
      • Configure GPO Advanced Audit Policy
      • NXLog
        • Install
        • Update
        • Uninstall
      • Active Directory Sensor
        • Release Notes
        • Install
        • Update
        • Uninstall
        • Troubleshoot
      • ADFS Auditing
      • Active Directory Decoy Account
        • Configure an AD Decoy Account
        • Unregister an SPN
        • Troubleshoot
Home ▸ Active Directory ▸ Active Directory
Share this page
  • LinkedIn
  • X
  • Facebook
  • Email
Print page

Configure an Active Directory Sensor

  1. Configure an Arctic Wolf GPO Advanced Audit Policy.
  2. Optional: Configure Active Directory Certificate Service (AD CS) auditing.
    Note: This step is required if you have the AD CS role configured on your server.
  3. Install NXLog on each DC.
  4. Install Active Directory Sensor on each DC.
  5. Install the Arctic Wolf Agent on each DC.
  6. Install Sysmon on each DC.
  7. Optional: NXLog for auditing ADFS.
  8. Optional: Active Directory decoy accounts.
Active Directory (AD) Sensor Managed Detection and Response (MDR) Public

Last updated: April 7, 2026

Previous Active Directory Next Configure GPO Advanced Audit Policy

Explore Topics

Aurora Endpoint Security Managed Detection and Response (MDR) Aurora Attack Surface Management (Aurora ASM) Aurora Vulnerability Management (Aurora VM) Managed Security Awareness (MA) Incident Readiness and Response Arctic Wolf Unified Portal MSP Portal Authentication Sensors, Scanners, and Log Collectors Arctic Wolf Agent Onboarding Portal Active Response, Log Forwarding, and Security Monitoring Active Directory Cloud Security Posture Management (CSPM) IT Service Management (ITSM) Developer and OEM Product Updates Additional Information about Products and Services Legacy Risk Dashboard Legacy Analytics
Arctic Wolf Help Documentation
Privacy Policy
Terms of Use
Cookie Policy
Accessibility Statement
Information Security
Sustainability Statement
© 2026 Arctic Wolf Networks Inc. All Rights Reserved.