Liongard Library

Welcome to Liongard Library, where Lions share! This is a community-led space where Liongard users can come to teach and learn from one another.
Share custom Metrics, get inspired and see what’s trending in the Pride.

Pride Etiquette:
➕ Have great custom Metrics? Add them as entries!
🌟 Want to use a Metric? Copy the query and follow this doc.
👍 Tried a Metric from the Library? Like it!
📣 Have a question or feedback on a Metric? Add a comment!
🔎 Not sure where to start? Learn about Metrics and how to write them.
💬 Need help writing a metric or want to help support others? Join the conversation in our Liongard Lounge #metrics slack channel.


🥴 See something off? Open a support chat to let us know.

ADD A NEW METRIC ENTRY

All Metric entries

Showing 878 of 878

Fortinet FortiGate: FortiManager Enabled on an Interface

This metric checks to see if the FortiGate to FortiManager (FGFM) protocol is being used on any interfaces and then lists the interface name if it is.
Michael Thompson 2 months ago in Fortinet FortiGate 0

Microsoft 365 : Malicious Application Consent - Padlet

This application has actively been used during account compromises to create a backup of the accounts mailbox.Create an actionable alert for this and audit all environments.
Jordan Docter 2 months ago in Microsoft 365 0

Active Directory: Never Used User Accounts Summary (With Exclusions)

This metric will list all accounts created over 30 days ago that have not been logged into. The metric also supports the RoarExclude group filter. The RoarExclude group filter will prevent alerts from triggering for users who are part of the RoarE...
Michael Thompson 3 months ago in Active Directory 0

Windows Workstation: List of Installed Software (Updated)

This metric provides a more readable output when used in the Software Inventory (CIS V8 Control 2.1) Report Template.
Michael Thompson 3 months ago in Windows Workstation 0

TLS/SSL: Certificates Expiring in 30 days (Excluding Let's Encrypt)

Returns the SCN of certificates that are not issued by Let's Encrypt and have an expiration of less than or equal to 30 days.
Dominic Peterson 3 months ago in TLS/SSL Certificates 0

Office 365: Stale Mailboxes

Lists active stale users that are licensed with a mailbox and haven't been active in 30 days.
Dominic Peterson 3 months ago in Microsoft 365 0

NYCCD-SQL17 - SA Members

Queries the SQL Server to poll the Server Role Members with SA privileges
Guest 3 months ago in SQL Server 0

Google Workspace: Stale User List with Exclusions

This metric supports the RoarExclude group filter. The RoarExclude group filter will prevent alerts from triggering for users who are part of the RoarExclude group. To utilize this feature, you will need to create a Group named “RoarExclude” in th...
Michael Thompson 3 months ago in Google Workspace 0

Active Directory: Never Used User Accounts Created Over 30 Days Ago Summary

This metric will list all accounts created over 30 days ago that have not been logged into.
Michael Thompson 4 months ago in Active Directory 0

Windows Server: List of Installed Antivirus Software

This metric returns a list of installed AV's from Windows Servers
Zyad Khan 4 months ago in Windows Server 0