In accordance with a compliance regulatory document, such as PCI DSS, it is required to monitor failed logon attempts that can be caused by a brute-force attack. In a brute-force attack, a script or program is used to guess a password by automatically trying different combinations of characters.
To create a monitor in SCOM 2012, an installed and configured SCOM 2012 server is required. You must also review the Planning a compliance program for Microsoft System Center 2012 Operations Manager recipe in this chapter.
The configuration of the monitor in SCOM 2012 is stored in a management pack. Perform the following steps to create a new management pack for this recipe:
Open the SCOM 2012 console.
Navigate to Administration | Management Packs.
Click on the Create Management...