Audit & Notifications

As PMP deals with sensitive passwords, it comes with an effective auditing mechanism to record who accessed what resource and when along with trails about every single action performed by the user. All operations performed by users on the GUI are audited with the timestamp and the IP address from where they accessed the application.

Audit in PMP has been classified into three types:

  • Resource Audit - all operations pertaining to resources, resource groups, accounts, passwords, shares and policies
  • User Audit - all operations performed in PMP by a 'PMP user' are captured under 'User Audit'
  • Task Audit - records of various scheduled tasks created

PMP audit is quite comprehensive and almost all actions are audited. There may be requirements to audit only the specific operations. To facilitate that, within each audit type, PMP provides the flexibility to audit only the required operations. There is also option to send notifications to required recipients whenever a chosen event (audit trail of your choice) occurs in PMP.

Resource Audit

All operations pertaining to 'resources' are captured under 'Resource Audit'.

To view resource audit

  • Navigate to Audit >> Resource Audit

To record only specific trails in resource audit

  • Click the icon "Configure Audit" present in the Resource Audit page
  • In the UI that opens, select the operations for which you want audit records to be generated. Leave the checkbox against all other operations blank

To receive notifications, traps, syslog messages on generation of audit records

  • If you want to receive notifications, SNMP traps or syslog messages on the occurrence of a particular event, you can select the respective check-boxes against the required operation (If you choose to receive SNMP traps Before selecting an option here, make sure you have carried out SNMP Trap/Syslog settings)
  • PMP provides the flexibility of sending separate notifications to each and every occurrence of the desired event. If you do not wish to be flooded with emails, you can choose to receive a single notification every day (containing information about all the events generated on the day) in the form a daily digest
  • You can also specify the list of recipients list for notifications
  • Click "Save"

Purging Resource Audit Trails

  • Almost all operations pertaining to resources performed in PMP are audited and the trails are stored in the database. Naturally, the resource audit records grow at a faster rate. If you do not need the audit records that are older than a specified number of days, you can purge them
  • To purge the records that are older than a specified number of days, specify the number in the text-box against the field "Purge Audit Records".
  • Click "Save". The Resource Audit records that are older than the number of days specified by you, will be purged

Exporting Resource Audit Trails as PDF/CSV Report

  • The Audit Trails could be exported as a PDF/CSV file. You can store it in a secure location for reference purpose. Click the button "Export to PDF" or "Export to CSV" as required

Resource Audit Filters

You can create customized views for filtering and viewing only those audit records that are of interest to you. For example, in Resource Audit, if you want to filter and view the audit trails for the accounts added for specific resources, you can create a custom filter by specifying your criteria.

To create an audit filter,

  • Click the link "Add" present beside 'Manage Custom Filters'
  • Select the required column names from the drop-down
  • Enter your criteria (If you want to enter operation type as criteria, click the link 'View Operation Types', refer to the list and enter the required name as it is)
  • Click "Save"

User Audit

All operations performed in PMP by a 'PMP user' are captured under 'User Audit'.

To view user audit

  • Navigate to Audit >> User Audit

To record only specific trails in user audit

  • Click the icon "Configure Audit" present in the User Audit page
  • In the UI that opens, select the operations for which you want audit records to be generated. Leave the checkbox against all other operations blank

To receive notifications on generation of audit records

  • If you want to receive notifications, SNMP traps or syslog messages on the occurrence of a particular event, you can select the respective check-boxes against the required operation (If you choose to receive SNMP traps Before selecting an option here, make sure you have carried out SNMP Trap/Syslog settings)
  • PMP provides the flexibility of sending separate notifications to each and every occurrence of the desired event. If you do not wish to be flooded with emails, you can choose to receive a single notification every day (containing information about all the events generated on the day) in the form a daily digest
  • You can also specify the list of recipients list for notifications
  • Click "Save"

Purging User Audit Trails

  • Almost all operations performed by a user are audited and the trails are stored in the database. Naturally, the user audit records grow at a faster rate. If you do not need the audit records that are older than a specified number of days, you can purge them
  • To purge the records that are older than a specified number of days, specify the number in the text-box against the field "Purge Audit Records".
  • Click "Save". The Resource Audit records that are older than the number of days specified by you, will be deleted from the database once and for all

Exporting User Audit Trails as PDF/CSV Report

  • The Audit Trails could be exported as a PDF/CSV file. You can store it in a secure location for reference purpose. Click the button "Export to PDF" or "Export to CSV" as required

User Audit Filters

You can create customized views for filtering and viewing only those audit records that are of interest to you. For example, in User Audit, if you want to filter and view the audit trails for the accounts added for specific resources, you can create a custom filter by specifying your criteria.

To create an audit filter,

  • Click the link "Add" present beside 'Manage Custom Filters'
  • Select the required column names from the drop-down
  • Enter your criteria (If you want to enter operation type as criteria, click the link 'View Operation Types', refer to the list and enter the required name as it is)
  • Click "Save"

Task Audit

Records of various scheduled tasks created and executed in PMP are captured as part of task audit.

To view user audit

  • Navigate to Audit >> Task Audit

To record only specific trails in resource audit

  • Click the icon "Configure Audit" present in the Task Audit page
  • In the UI that opens, select the operations for which you want audit records to be generated. Leave the checkbox against all other operations blank

To receive notifications on generation of audit records

  • If you want to receive notifications, SNMP traps or syslog messages on the occurrence of a particular event, you can select the respective check-boxes against the required operation (If you choose to receive SNMP traps Before selecting an option here, make sure you have carried out SNMP Trap/Syslog settings)
  • PMP provides the flexibility of sending separate notifications to each and every occurrence of the desired event. If you do not wish to be flooded with emails, you can choose to receive a single notification every day (containing information about all the events generated on the day) in the form a daily digest
  • You can also specify the list of recipients list for notifications
  • Click "Save"

Purging Task Audit Trails

  • Almost all operations performed by a user are audited and the trails are stored in the database. Naturally, the user audit records grow at a faster rate. If you do not need the audit records that are older than a specified number of days, you can purge them
  • To purge the records that are older than a specified number of days, specify the number in the text-box against the field "Purge Audit Records"
  • Click "Save". The Task Audit records that are older than the number of days specified by you, will be deleted from the database once and for all

Exporting Task Audit Trails as PDF/CSV Report

  • The Audit Trails could be exported as a PDF/CSV file. You can store it in a secure location for reference purpose. Click the button "Export to PDF" or "Export to CSV" as required

Task Audit Filters

You can create customized views for filtering and viewing only those audit records that are of interest to you. For example, in Task Audit, if you want to filter and view the audit trails for the database backup schedules created by specific users, you can create a custom filter by specifying your criteria.

To create an audit filter,

  • Click the link "Add" present beside 'Manage Custom Filters'
  • Select the required column names from the drop-down
  • Enter your criteria (If you want to enter operation type as criteria, click the link 'View Operation Types', refer to the list and enter the required name as it is)
  • Click "Save"
  • Does PMP record Password viewing attempts and retrievals by users?
  • Yes, PMP records all operations performed by the user including the password viewing and copying operations. From audit trails, you can get a comprehensive list of all the actions and attempts by the users with password retrieval. The list of operations that are audited (with the timestamp and the IP address) includes:

    • User accounts created, deleted and modified
    • Users logging in and logging off the application
    • Resources and passwords created, accessed, modified and deleted
  • How are the audit logs protected against modification?
  • All the audit records are stored in the MySQL database. To ensure security, the MySQL server has been configured not to accept connections from remote hosts. In addition, the password to access the MySQL server is randomly generated for every PMP installation. So, unless people gain entry into the database, the audit records cannot be modified.

©2014, ZOHO Corp. All Rights Reserved.

Top