Audited commands

Paths to access

On senhasegura, in the navigation bar, hover over the Products menu and select PAM Core.

In the side menu, select Management > Sessions > Audited commands.

On senhasegura, in the navigation bar, hover over the Products menu and select User Behavior.

In the side menu, select Management > Audited commands.

Actions menu

Item	Type	Description
Actions	Dropdown menu	Displays the options for registering new commands, Print report, Export CSV and Schedule report.
New global command	Button	Directs to the Global command screen.
New command by credential	Button	Directs to the Command by credential screen.
New command by device	Button	Directs to the Command by device screen.
New command by group	Button	Directs to the Command by group screen.

Item

Type

Description

Actions

Dropdown menu

Displays the options for registering new commands, Print report, Export CSV and Schedule report.

New global command

Button

Directs to the Global command screen.

New command by credential

Button

Directs to the Command by credential screen.

New command by device

Button

Directs to the Command by device screen.

New command by group

Button

Directs to the Command by group screen.

Search Fields

Item	Type	Description
ID	Text field	Filters the audited commands by their identification code within senhasegura.
Name	Text field	Filters the audited commands by the identification name of the command registered within senhasegura.
Command	Text field	Filters the audited commands by the registered command. Example: `passwd`
Criticality	Dropdown menu	Filters the audited commands by their criticality level. The options are Low, Medium, and High. Clear the field to enable the All option.
Type	Dropdown menu	Filters the audited commands by their registration rule type. The options are Credential, Device, Global and Group.
Session type	Dropdown menu	Filters the audited commands by the type of session that was registered. The options are All, Terminal and Database.
Status	Dropdown menu	Filters audited commands by their activation state. The options are Enabled and Disabled. Clear the field to enable the All option.

Item

Type

Description

Text field

Filters the audited commands by their identification code within senhasegura.

Name

Text field

Filters the audited commands by the identification name of the command registered within senhasegura.

Command

Text field

Filters the audited commands by the registered command. Example: passwd

Criticality

Dropdown menu

Filters the audited commands by their criticality level. The options are Low, Medium, and High**.** Clear the field to enable the All option.

Type

Dropdown menu

Filters the audited commands by their registration rule type. The options are Credential, Device, Global and Group.

Session type

Dropdown menu

Filters the audited commands by the type of session that was registered. The options are All, Terminal and Database.

Status

Dropdown menu

Filters audited commands by their activation state. The options are Enabled and Disabled. Clear the field to enable the All option.

Report fields

ID.

Name.

Command.

Criticality.

Type.

Session type.

Action during session: the action that happens in the session as a result of executing the command.

Occurrences: the number of times the command must be used for the chosen action to occur.

Score: the score assigned to the command in the registration that defines its criticality.

Status.

Actions:

Edit: open the Command registration screen by credential, device, group, or global, according to the type specified in the command, to make the desired changes. The Enabled field is only available on the edit screens.
View audit history: open the Event log report screen.

Info

By default, the report displays 30 records per screen. To go to the next screen, click the forward button at the end of the report.

Event log screen

This section provides information about the Event log report screen, which lists the audited commands that were used during a session.

Search fields

Item	Type	Description
ID	Text field	Filters the audited commands by their identification code within senhasegura.
Command	Dropdown menu	Filters the audited commands by their name.
Criticality	Dropdown menu	Filters the audited commands by their criticality level. The options are Low, Medium, and High. Clear the field to enable the All option.
Action of session	Dropdown menu	Filters the audited commands by the action that occurred when using the command. The options are Allow, Lock, Interrupt, and Force.
Local user	Text field	Filters the audited commands by the name of the user who used the command.
Audited command	Text field	Filters the audited commands by the registered command. Example: `passwd`
Typed command	Text field	Filters the audited commands by the line where they were entered by the user.
Event date	Date picker	Filters the audited commands by the period they were used.

Item

Type

Description

Text field

Filters the audited commands by their identification code within senhasegura.

Command

Dropdown menu

Filters the audited commands by their name.

Criticality

Dropdown menu

Filters the audited commands by their criticality level. The options are Low, Medium, and High. Clear the field to enable the All option.

Action of session

Dropdown menu

Filters the audited commands by the action that occurred when using the command. The options are Allow, Lock, Interrupt, and Force.

Local user

Text field

Filters the audited commands by the name of the user who used the command.

Audited command

Text field

Filters the audited commands by the registered command. Example: passwd

Typed command

Text field

Filters the audited commands by the line where they were entered by the user.

Event date

Date picker

Filters the audited commands by the period they were used.

Audited commands

Paths to access

Actions menu

Search Fields

Report fields

Event log screen

Search fields

Report fields

What's Next