Configuring the monitoring of a registry value
You can configure PATROL to monitor a specific registry value on the monitored computer to detect when the value changes or is deleted.
Before you begin
You can monitor registry values only under the following hives:
- HKEY_LOCAL_MACHINE
- HKEY_CURRENT_CONFIG
- HKEY_CLASSES_ROOT
You cannot monitor registry values under HKEY_CURRENT_USER and HKEY_USER.
To configure the monitoring of a registry value
- Navigate to the NT_REGISTRY application (labeled Registry) as described in Accessing an application instance.
- Access the KM menu commands as described in Accessing KM menu commands.
- Choose the KM menu command Configure Registry Value Monitoring > Add Value.
- From the Configure Registry Value Monitoring - Add Value dialog box, enter the name of the registry key and the value that you want to monitor.
Enter the full name of the registry key path.
Example:
Key: HKEY_LOCAL_MACHINE\SOFTWARE\BMCSoftware\PAMO\1.1\ReportTypes\Event Trend Report
Value: Excel Template Path - Click Apply.
- If the value changes or is deleted, the parameter Registry Value Changed (RegValueChanged) alarms.
Related dialog box
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*