netwrix · farzanajafar · Jul 10, 2025 · Jul 8, 2025 · Jul 9, 2025 · Jul 9, 2025
@@ -33,7 +33,7 @@ Policies.
 **Step 2 –** On the Policies page, expand the Honeytokens list and select the related Honeytoken
 policy from the Policies list. Or, select the policy from the Policies table in the Overview box.
 
-![honeytoken](/img/product_docs/threatprevention/7.5/admin/configuration/honeytoken.webp)
+![honeytoken](/img/product_docs/threatmanager/3.0/administration/configuration/policies/Honeytoken.webp)
 
 **Step 3 –** On the Configuration tab of the policy, fill in the requested information and click
 **Copy LDAP Filter**. The Copy LDAP Filter button will automatically copy the exact string that is
@@ -64,7 +64,7 @@ select the other **LDAP Monitoring** event type in the list above.
 Threat Manager.
 
 _Remember,_ the Honeytoken tab of the
-[Netwrix Threat Manager Configuration Window](/docs/threatmanager/3.0/threatprevention/admin/configuration/threatmanagerconfiguration.md)
+[Netwrix Threat Manager Configuration Window](/docs/threatmanager/3.0/install/integration/threatprevention/threatmanagerconfiguration.md)
 must be configured in order to successfully send LDAP monitoring data to Threat Manager.
 
 ### Configure LDAP Monitoring in the Activity Monitor

@@ -211,7 +211,7 @@ The password for the built-in ADMIN account has been updated.
 The Settings section provides the ability to customize the user login page and configure the token
 expiration time for authenticated users.
 
-![Settings section of the User Access page](/img/product_docs/activitymonitor/8.0/config/dellpowerscale/settings.webp)
+![Settings section of the User Access page](/img/product_docs/threatmanager/3.0/administration/configuration/systemsettings/Settings.webp)
 
 - One page login (Login, password, MFA code on one page) – Combines username and password, and
   multi-factor authentication on a single page

@@ -25,10 +25,10 @@ disabled.
 
 The Threats list divides the threats into sections:
 
-- [Active Directory Threats](/docs/threatmanager/3.0/overview/threats/activedirectory.md)
-- [Entra ID Threats](/docs/threatmanager/3.0/overview/threats/entraid.md)
-- [File System Threats](/docs/threatmanager/3.0/overview/threats/filesystem.md)
-- [General Threats](/docs/threatmanager/3.0/overview/threats/general.md)
+- [Active Directory Threats](/docs/threatmanager/3.0/threats/activedirectory.md)
+- [Entra ID Threats](/docs/threatmanager/3.0/threats/entraid.md)
+- [File System Threats](/docs/threatmanager/3.0/threats/filesystem.md)
+- [General Threats](/docs/threatmanager/3.0/threats/general.md)
 - Threat Detection Page
 
 Select a threat from the list to display the threat's configuration options to the right of the

@@ -18,7 +18,7 @@ Every investigation has the following options at the top of the page:
   [Edit or Duplicate an Investigation](/docs/threatmanager/3.0/administration/investigations/options/edit.md) topic for additional information.
 - Create threat – In addition to preconfigured threats, a user can create a custom threat when
   certain events are considered to be dangerous in the environment, for example, when one of the
-  privileged users makes file changes. See the [Custom Threats](/docs/threatmanager/3.0/overview/threats/custom.md)topic for
+  privileged users makes file changes. See the [Custom Threats](/docs/threatmanager/3.0/threats/custom.md)topic for
   additional information.
 - Subscriptions – Click the Subscriptions link to open the Subscription to window. You can specify
   recipients to receive this report as an email attachment in a specified format. See the

@@ -155,7 +155,7 @@ The Action Log window contains a Logs tab and a Step Details tab.
 
 The Logs tab displays logs for the playbook execution.
 
-![This screenshot displays the Logs tab on the Action Log window.](/img/product_docs/threatmanager/3.0/administration/playbooks/logstab.webp)
+![This screenshot displays the Logs tab on the Action Log window.](/img/product_docs/threatmanager/3.0/administration/playbooks/action/logstab.webp)
 
 The Logs tab displays a table with the following columns:
 

@@ -56,10 +56,10 @@ The Type section displays the threat types which can be selected for filtering.
 to filter by is dynamic, depending upon the type of threats detected. See the following topics for
 additional information:
 
-- [Active Directory Threats](/docs/threatmanager/3.0/overview/threats/activedirectory.md)
-- [Entra ID Threats](/docs/threatmanager/3.0/overview/threats/entraid.md)
-- [File System Threats](/docs/threatmanager/3.0/overview/threats/filesystem.md)
-- [General Threats](/docs/threatmanager/3.0/overview/threats/general.md)
+- [Active Directory Threats](/docs/threatmanager/3.0/threats/activedirectory.md)
+- [Entra ID Threats](/docs/threatmanager/3.0/threats/entraid.md)
+- [File System Threats](/docs/threatmanager/3.0/threats/filesystem.md)
+- [General Threats](/docs/threatmanager/3.0/threats/general.md)
 
 ### Level
 

@@ -1,7 +1,7 @@
 ---
 title: "Getting Started with Threat Manager"
 description: "Getting Started with Threat Manager"
-sidebar_position: 10
+sidebar_position: 2
 ---
 
 # Getting Started with Threat Manager

@@ -1 +1,52 @@
-# Threat Manager
+---
+title: "Netwrix Threat Manager v3.0 Documentation"
+description: "Netwrix Threat Manager v3.0"
+sidebar_position: 1
+---
+
+# Netwrix Threat Manager v3.0 Documentation
+
+Threat Manager detects and responds to abnormal behavior and advanced attacks against Active
+Directory and File Systems with unprecedented accuracy and speed. Threat Manager provides
+programmatic and automated response options when threats are identified. In addition to an extensive
+catalog of preconfigured response actions, Threat Manager can be configured to integrate with you
+own business processes using integrated PowerShell or webhook facilities.
+
+Threat Manager can also deliver threat data to administrators in their preferred applications,
+including Microsoft Teams, Slack, ServiceNow, and a wide variety of SIEM platforms.
+
+## Architecture
+
+The following diagram is a visual representation of Threat Manager architecture. It maps out the
+physical implementation of Threat Manager components.
+
+![Netwrix Threat Manager Architecture diagram](/img/product_docs/threatmanager/3.0/tmarch.webp)
+
+## Administration
+
+Organizations of virtually any size find it to be impossible, even counterproductive, to evaluate
+the substantial amount of file access events and Active Directory events occurring within their
+environments on any given day. To overcome this challenge and achieve proper visibility into this
+otherwise significant blind spot in an organization's cyber security program, Threat Manager®
+provides built-in threat analytics to highlight the most unusual behaviors that occur within an
+organization each day. Threat Manager also provides a method to deep dive into activity data using a
+series of customizable filters to discover threats unique to their organization.
+
+## Supported Platforms
+
+Supported platforms include the Active Directory and File system platforms supported for monitoring
+by either Netwrix Threat Prevention or Netwrix Activity Monitor. See the following product
+documentation for additional information:
+
+- [Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention)
+- [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor)
+
+## Threat Manager Threats
+
+Threat Manager monitors the following threats. See each section for information on monitored threat
+types.
+
+- [Active Directory Threats](/docs/threatmanager/3.0/threats/activedirectory.md)
+- [Entra ID Threats](/docs/threatmanager/3.0/threats/entraid.md)
+- [File System Threats](/docs/threatmanager/3.0/threats/filesystem.md)
+- [General Threats](/docs/threatmanager/3.0/threats/general.md)
@@ -32,15 +32,15 @@ Run as administrator. Then skip to Step 2.
 **Step 3 –** Read the End User License Agreement and select the I accept the license agreement
 checkbox. Click **Next**.
 
-![Netwrix Threat Manager Setup wizard Install Folder page](/img/product_docs/threatprevention/7.5/install/reportingmodule/folder.webp)
+![Netwrix Threat Manager Setup wizard Install Folder page](/img/product_docs/threatmanager/3.0/install/folder.webp)
 
 **Step 4 –** By default, the installation directory is set to:
 
 - Install Folder – C:\Program Files\STEALTHbits\StealthDEFEND
 
 Optionally, enter a new path or use the **Browse** button to modify as desired. Click Next.
 
-![Netwrix Threat Manager Setup wizard Connect to the Database page](/img/product_docs/threatprevention/7.5/install/database.webp)
+![Netwrix Threat Manager Setup wizard Connect to the Database page](/img/product_docs/threatmanager/3.0/install/Database.webp)
 
 **Step 5 –** On the Database page, ensure the host and port are set correctly. If installing on the
 same server where the PostgreSQL database application was installed, this information will be

@@ -22,7 +22,7 @@ and select Run as administrator. Then skip to Step 2.
 
 **Step 1 –** Click PostgreSQL Setup. The Netwrix PostgreSQL Setup wizard opens.
 
-![Netwrix PostgreSQL Setup wizard](/img/product_docs/threatmanager/3.0/install/install.webp)
+![Netwrix PostgreSQL Setup wizard](/img/product_docs/threatmanager/3.0/install/installdb.webp)
 
 **Step 2 –** Click Install.
 

@@ -38,7 +38,7 @@ password will be required to sign in.
 The built-in ADMIN account password is now set.
 
 If the Enable MFA option is set to OFF, no additional configuration is required and the Threat
-Manager Console opens. See the [Getting Started with Threat Manager](/docs/threatmanager/3.0/overview/gettingstarted.md) topic for
+Manager Console opens. See the [Getting Started with Threat Manager](/docs/threatmanager/3.0/gettingstarted.md) topic for
 next steps.
 
 If the Enable MFA option is set to ON, registration of an MFA authenticator is required. Proceed to
@@ -64,4 +64,4 @@ of codes to access for account recovery, if needed.
 **Step 4 –** Click **Continue**.
 
 Once MFA is configured for this account, the Threat Manager Console opens. See the
-[Getting Started with Threat Manager](/docs/threatmanager/3.0/overview/gettingstarted.md) topic for next steps.
+[Getting Started with Threat Manager](/docs/threatmanager/3.0/gettingstarted.md) topic for next steps.
@@ -1,3 +1,9 @@
+---
+title: "Netwrix Threat Manager Configuration Window"
+description: "Netwrix Threat Manager Configuration Window"
+sidebar_position: 10
+---
+
 # Netwrix Threat Manager Configuration Window
 
 The Netwrix Threat Manager Configuration window is a global setting to enable integration between
@@ -137,7 +143,7 @@ PAC Analytic Type topic for additional information.
 **Step 6 –** In Threat Prevention, click **Configuration** > **Netwrix Threat Manager
 Configuration** on the menu. The Netwrix Threat Manager Configuration window opens.
 
-![Netwrix Threat Manager Configuration Window - Forged PAC tab](/img/product_docs/activitymonitor/8.0/admin/monitoreddomains/admonitoringconfiguration/forgedpac.webp)
+![Netwrix Threat Manager Configuration Window - Forged PAC tab](/img/product_docs/threatmanager/3.0/install/forgedpac.webp)
 
 **Step 7 –** Ensure the Event Sink tab is properly set up to send event data to Threat Manager.
 

@@ -1,5 +1,5 @@
 {
-  "label": "Upgrade Procedure",
+  "label": "Upgrade",
   "position": 70,
   "collapsed": true,
   "collapsible": true,

@@ -8,7 +8,7 @@ sidebar_position: 70
 
 This topic describes the steps needed for upgrading Threat Manager to the latest version.
 
-See the [What's New](/docs/threatmanager/3.0/overview/whatsnew.md) topic for details on new and improved features included with
+See the [What's New](/docs/threatmanager/3.0/whatsnew.md) topic for details on new and improved features included with
 each release.
 
 ## Considerations

@@ -28,14 +28,13 @@ displayed, indicating the currently installed version:
 
 **Step 3 –** Click **OK** to upgrade. The Netwrix PostgreSQL Setup wizard opens.
 
-![Netwrix PostgreSQL Setup wizard](/img/product_docs/threatmanager/3.0/install/install.webp)
+![Netwrix PostgreSQL Setup wizard](/img/product_docs/threatmanager/3.0/install/installdb.webp)
 
 **Step 4 –** Click **Install**.
 
 ![Netwrix PostgreSQL Setup wizard on the EULA page](/img/product_docs/activitymonitor/8.0/install/eula.webp)
 
-**Step 5 –** Read the End User License Agreement and select the I accept the license agreement
-checkbox. Click Next.
+**Step 5 –** Read the End User License Agreement and select the I accept the license agreement checkbox. Click Next.
 
 **Step 6 –** The installation begins and the installer displays a Setup Progress window. Click Exit
 when the installation is successful to close the wizard.

@@ -1,5 +1,5 @@
 {
-  "label": "Overview",
+  "label": "Permissions",
   "position": 60,
   "collapsed": true,
   "collapsible": true,

@@ -1,6 +1,6 @@
 {
   "label": "Type of Threats",
-  "position": 30,
+  "position": 4,
   "collapsed": true,
   "collapsible": true,
   "link": {

@@ -15,11 +15,11 @@ disabled threats.
 
 The Threats list divides the threats into the following sections:
 
-- [Active Directory Threats](/docs/threatmanager/3.0/overview/threats/activedirectory.md)
-- [Entra ID Threats](/docs/threatmanager/3.0/overview/threats/entraid.md)
-- [File System Threats](/docs/threatmanager/3.0/overview/threats/filesystem.md)
-- [General Threats](/docs/threatmanager/3.0/overview/threats/general.md)
-- [Custom Threats](/docs/threatmanager/3.0/overview/threats/custom.md)
+- [Active Directory Threats](/docs/threatmanager/3.0/threats/activedirectory.md)
+- [Entra ID Threats](/docs/threatmanager/3.0/threats/entraid.md)
+- [File System Threats](/docs/threatmanager/3.0/threats/filesystem.md)
+- [General Threats](/docs/threatmanager/3.0/threats/general.md)
+- [Custom Threats](/docs/threatmanager/3.0/threats/custom.md)
 
 Select a threat from the list to display the threat's configuration options to the right of the
 Threats box.