Audit Trail

Overview

Every SecureTrack user action is recorded to give you complete accountability.

In the Audit Trail, you can:

  • Specify the start and end dates of the records that you want to see

  • See the list of the audit trail records

  • Filter the audit trail records based on any of the fields

  • Export the unfiltered or filtered results to a PDF file

You can also configure SecureTrack to send the actions to a syslog server.

The following table shows the audited areas of SecureTrack:

System Configuration

Device Monitoring, Analysis and Reporting
  • User authentication
  • Device management
  • License management
  • Plugin and domain management
  • System configuration
  • User management
  • Policy comparison
  • Revision and rules metadata
  • Topology management
  • Zone management
  • Automatic policy generator jobs
  • Report configuration and generation
  • Repository

Each action is listed with:

  • The date and time of the action

  • The username of the user that did the action

  • The IP address of the host from which the action was done (automatic actions, such as scheduled reports, are listed without a user IP address).

    In deployments where user requests are terminated or proxied by internal components before reaching SecureTrack, the Audit Trail records the IP address of the internal node or pod rather than the original client IP.

  • The category or feature area that the action belongs to

  • The type of action, such as add, remove, modify, or generate report

  • The type of object and object name to which the action was done

  • A description of the action

How Do I Get Here?

SecureTrack > Admin > Audit Trail.