Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-41204: Is there a way to monitor the DirectAudit Collector status outside of Audit Manager?

Auditing and Monitoring Service ,  

25 February,21 at 12:40 PM


Is it possible to monitor the Direct Audit Collector(s) outside of Audit Manager to determine if it is connected or disconnected?


Yes, one way that could be used to monitor the Collector status is to use the 'Get-CdaCollector' cmdlet from the Audit Modules for Powershell.

The Audit Modules for PowerShell will need to be installed first. 
Please see the below documentation on how the Audit Modules for PowerShell can be installed, if it isn't already.

After the Audit Modules are installed, open up a PowerShell prompt with Administrative rights by right clicking on the PowerShell Application icon and choosing Run As Administrator.

The Get-CdaCollector cmdlet can then be used to find information about your collector(s).  The Status field in the output will show connection status.
Get-CdaCollector -Installation <AuditInstallationName>

See the example below:
PS C:\Windows\system32> Get-CdaCollector -Installation Audit2Installation

MachineName        : DEPLOY2.centrifyimage.vms
MachineAddress     :
Sid                : S-1-5-21-3571224596-3006733700-3057749774-2118
Status             : Connected
UpTime             : 04:14:22
StartupTime        : 9/23/2020 12:22:43 PM
LastUpdateTime     : 9/23/2020 4:37:05 PM
PortNumber         : 5063
Version            :
AuditStoreDatabase : Demo-Site@centrifyimage.vms-AuditStore-2019-10-15

To filter only on the Status field the command could be run as follows.
PS C:\Windows\system32> Get-CdaCollector -Installation Audit2Installation | select Status


PS C:\Windows\system32> Get-CdaCollector -Installation Audit2Installation | select Status | FL

Status : Connected