<?xml version="1.0" encoding="ISO-8859-15"?>
<chapter id="chapter6">
<title>System audit</title>
<para>
Pandora's system audit shows all the actions performed by each
user, as well as the failed logins.
</para>
<para>
The system audit includes actions that somehow try to bypass the
2006-11-21 Raul Mateos <raulofpandora@gmail.com>
* en/pandora_install.xml, en/pandora_advanced.xml,
en/pandora_chapter1.xml, en/pandora_chapter2.xml,
en/pandora_chapter3.xml, en/pandora_chapter4.xml,
en/pandora_chapter5.xml, en/pandora_chapter6.xml,
en/pandora_chapter7.xml, en/pandora_chapter8.xml,
en/pandora_chapter9.xml, en/pandora_introduction.xml
en/pandora_migration.xml, en/pandora_userguide.xml:
Text correction.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@267 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2006-11-21 16:55:45 +01:00
security system: attempts to delete an incident by an unauthorized
user, attempts to change user profiles by unauthorized users, etc.
Its main function is, however, to trace the user connections
(login/logout).
</para>
<para>
The audit logs can be found in the "System Audit Log" option of the
Administration menu, ordered chronologically.
</para>
<para>
Filters can be applied to the logs displayed to show only those of
interest to the user, selected by the action recorded in the log entry.
</para>
<para>
The selectable actions are those stored in the database
at that time.
</para>
<graphic scale='70' fileref="images/image049.png" valign="bottom"
align="center"/>
<para>
The following fields display the audit log information:
</para>
<para>
<emphasis>User:</emphasis> User that triggered the event (SYSTEM
is a special user of the system).
</para>
<itemizedlist>
<listitem>
<para>
<emphasis>Action:</emphasis> Action generated by the entry in
the log.
</para>
</listitem>
<listitem>
<para>
<emphasis>Date:</emphasis> Date of the entry in the log.
</para>
</listitem>
<listitem>
<para>
<emphasis>Source IP:</emphasis> IP of the machine or the agent
that caused the entry.
</para>
</listitem>
<listitem>
<para>
<emphasis>Comment:</emphasis> Comment describing the entry.
</para>
</listitem>
</itemizedlist>
<sect1 id="sec6.1">
<title>Statistics</title>
<para>
There isn't a special section to view system audit
statistics. However, we could use a graph generated in the Users
section to evaluate the actions of each user, as this graph
would represent the total number of entries in the audit log for
each one: the more active the user is, the higher the number of
entries.
</para>
<para>
The graph will also show entries of invalid users, i.e., those
entries generated by failed attempts to log in.
</para>
<graphic fileref="images/image050.png" valign="bottom"
align="center"/>
</sect1>
2006-11-24 Manuel Arostegui <marostegui@artica.es>
* en/pandora_chapter1.xml,pandora_chapter2.xml,pandora_chapter3.xml,
pandora_chapter4.xml,pandora_chapter5.xml,pandora_chapter6.xml,
pandora_chapter8.xml,pandora_chapter9.xml,pandora_advanced.xml,
pandora_userguide.xml,pandora_migration.xml,pandora_introduction.xml
pandora.xml: Text corrections.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@280 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2006-11-24 12:26:27 +01:00
</chapter>