As PMP deals with sensitive passwords, it comes with an effective auditing mechanism to record who accessed what resource and when along with trails about every single action performed by the user. All operations performed by users on the GUI are audited with the timestamp and the IP address from where they accessed the application.
Audit in PMP has been classified into three types:
Resource Audit - all operations pertaining to resources, resource groups, accounts, passwords, shares and policies
User Audit - all operations performed in PMP by a 'PMP user' are captured under 'User Audit'
Task Audit - records of various scheduled tasks created
PMP audit is quite comprehensive and almost all actions are audited. There may be requirements to audit only the specific operations. To facilitate that, within each audit type, PMP provides the flexibility to audit only the required operations. There is also option to send notifications to required recipients whenever a chosen event (audit trail of your choice) occurs in PMP.
All operations pertaining to 'resources' are captured under 'Resource Audit'.
To view resource audit
Navigate to Audit >> Resource Audit
To record only specific trails in resource audit
Click the icon "Configure Audit" present in the Resource Audit page
In the UI that opens, select the operations for which you want audit records to be generated. Leave the checkbox against all other operations blank
To receive notifications on generation of audit records
If you want to receive notifications on the occurrence of a particular event, you can select the respective check-boxes against the required operation
PMP provides the flexibility of sending separate notifications to each and every occurrence of the desired event. If you do not wish to be flooded with emails, you can choose to receive a single notification every day (containing information about all the events generated on the day) in the form a daily digest
You can also specify the list of recipients list for notifications
Click "Save"
Purging Resource Audit Trails
Almost all operations pertaining to resources performed in PMP are audited and the trails are stored in the database. Naturally, the resource audit records grow at a faster rate. If you do not need the audit records that are older than a specified number of days, you can purge them
To purge the records that are older than a specified number of days, specify the number in the text-box against the field "Purge Audit Records".
Click "Save". The Resource Audit records that are older than the number of days specified by you, will be purged
Exporting Resource Audit Trails as PDF/CSV Report
The Audit Trails could be exported as a PDF/CSV file. You can store it in a secure location for reference purpose. Click the button "Export to PDF" or "Export to CSV" as required
You can create customized views for filtering and viewing only those audit records that are of interest to you. For example, in Resource Audit, if you want to filter and view the audit trails for the accounts added for specific resources, you can create a custom filter by specifying your criteria.
To create an audit filter,
Click the link "Add" present beside 'Manage Custom Filters'
Select the required column names from the drop-down
Enter your criteria (If you want to enter operation type as criteria, click the link 'View Operation Types', refer to the list and enter the required name as it is)
Click "Save"
All operations performed in PMP by a 'PMP user' are captured under 'User Audit'.
To view user audit
Navigate to Audit >> User Audit
To record only specific trails in user audit
Click the icon "Configure Audit" present in the User Audit page
In the UI that opens, select the operations for which you want audit records to be generated. Leave the checkbox against all other operations blank
To receive notifications on generation of audit records
If you want to receive notifications on the occurrence of a particular event, you can select the respective check-boxes against the required operation
PMP provides the flexibility of sending separate notifications to each and every occurrence of the desired event. If you do not wish to be flooded with emails, you can choose to receive a single notification every day (containing information about all the events generated on the day) in the form a daily digest
You can also specify the list of recipients list for notifications
Click "Save"
Purging User Audit Trails
Almost all operations performed by a user are audited and the trails are stored in the database. Naturally, the user audit records grow at a faster rate. If you do not need the audit records that are older than a specified number of days, you can purge them
To purge the records that are older than a specified number of days, specify the number in the text-box against the field "Purge Audit Records".
Click "Save". The Resource Audit records that are older than the number of days specified by you, will be deleted from the database once and for all
Exporting User Audit Trails as PDF/CSV Report
The Audit Trails could be exported as a PDF/CSV file. You can store it in a secure location for reference purpose. Click the button "Export to PDF" or "Export to CSV" as required
You can create customized views for filtering and viewing only those audit records that are of interest to you. For example, in User Audit, if you want to filter and view the audit trails for the accounts added for specific resources, you can create a custom filter by specifying your criteria.
To create an audit filter,
Click the link "Add" present beside 'Manage Custom Filters'
Select the required column names from the drop-down
Enter your criteria (If you want to enter operation type as criteria, click the link 'View Operation Types', refer to the list and enter the required name as it is)
Click "Save"
Records of various scheduled tasks created and executed in PMP are captured as part of task audit.
To view user audit
Navigate to Audit >> Task Audit
To record only specific trails in resource audit
Click the icon "Configure Audit" present in the Task Audit page
In the UI that opens, select the operations for which you want audit records to be generated. Leave the checkbox against all other operations blank
To receive notifications on generation of audit records
If you want to receive notifications on the occurrence of a particular event, you can select the respective check-boxes against the required operation
PMP provides the flexibility of sending separate notifications to each and every occurrence of the desired event. If you do not wish to be flooded with emails, you can choose to receive a single notification every day (containing information about all the events generated on the day) in the form a daily digest
You can also specify the list of recipients list for notifications
Click "Save"
Purging Task Audit Trails
Almost all operations performed by a user are audited and the trails are stored in the database. Naturally, the user audit records grow at a faster rate. If you do not need the audit records that are older than a specified number of days, you can purge them
To purge the records that are older than a specified number of days, specify the number in the text-box against the field "Purge Audit Records".
Click "Save". The Task Audit records that are older than the number of days specified by you, will be deleted from the database once and for all
Exporting Task Audit Trails as PDF/CSV Report
The Audit Trails could be exported as a PDF/CSV file. You can store it in a secure location for reference purpose. Click the button "Export to PDF" or "Export to CSV" as required
You can create customized views for filtering and viewing only those audit records that are of interest to you. For example, in Task Audit, if you want to filter and view the audit trails for the database backup schedules created by specific users, you can create a custom filter by specifying your criteria.
To create an audit filter,
Click the link "Add" present beside 'Manage Custom Filters'
Select the required column names from the drop-down
Enter your criteria (If you want to enter operation type as criteria, click the link 'View Operation Types', refer to the list and enter the required name as it is)
Click "Save"
Yes, PMP records all operations performed
by the user including the password viewing and copying operations. From
audit trails, you can get a comprehensive list of all the actions and
attempts by the users with password retrieval. The list of operations
that are audited (with the timestamp and the IP address) includes:
All the audit records are stored in the MySQL database. To ensure security, the MySQL server has been configured not to accept connections from remote hosts. In addition, the password to access the MySQL server is randomly generated for every PMP installation. So, unless people gain entry into the database, the audit records cannot be modified. |
© 2007, ZOHO Corp. All Rights Reserved.