Contents x
    Audited command logs
    • 1 minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Audited command logs

    • 1 minute to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Info
    There are two ways to access the audited commands that interact with the reports.

    First:
    1. Click the Grid Menu, identified by the nine squares, and click Pam Core.
    2. At the bottom of the left-side menu, click Settings > Access > Audited commands.

    Second:
    1. Click the Grid Menu, identified by the nine squares, and click Behavior under the PANEL menu.
    2. At the bottom of the left-side menu, click Settings > Audited commands.
    Info
    You can print, export, or schedule all reports below. In the upper right corner, click the View Actions, identified by the three vertical dots, and choose the desired action. senhasegura will analyze scheduled reports according to the defined period. You can select specific users for scheduling.

    Audited command logs

    Behavior➔Occurrences➔Audited command.

    Ranking of sessions with audited commands that were executed.

    • Command: name of the audited command that was executed.
    • Criticality: criticality level of the command.
    • Sessions: number of sessions in which the command was executed.
    • Action: detailed view of the Audit History report.

    Device

    Behavior➔Occurrences➔Device.

    Ranking of sessions with audited commands that were executed and on which devices they were executed.

    • Command: name of the audited command that was executed.
    • Remote device: target device of the command executed.
    • Sessions: number of sessions in which the command was executed.
    • Action: detailed view of the Audit History report.

    Credential

    Behavior➔Occurrences➔Credential.

    Ranking of sessions by audited commands that were executed, target devices, and used credentials.

    • Command: name of the audited command that was executed.
    • Action of session: action performed according to the audited command record.
    • Remote device: target device of the command executed.
    • Sessions: number of sessions in which the command was executed.
    • Action: detailed view of the Audit History report.

    Local user

    Behavior➔Occurrences➔Local user.

    Ranking of sessions by audited commands, target devices, credentials, and senhasegura accounts.

    • Command: name of the audited command that was executed.
    • Action of session: action performed according to the audited command record.
    • Remote device: target device of the command executed.
    • Credential: the credential used with the audited command.
    • Local user: the senhasegura user. 
    • Sessions: number of sessions in which the command was executed.
    • Action: detailed view of the Audit History report.

    Audit history

    Behavior➔Occurrences➔Audit history.

    Report that combines all incident records on a single screen.

    Was this article helpful?
    What's Next
    Digital sovereignty is a fundamental right for citizens, institutions, and society. That’s why we work every day.
    Connect With Us
    SENHASEGURA
    LEARN
    EXPLORE
    Copyright © senhasegura. All Rights Reserved