Difference between revisions of "Security Audit"

Revision as of 21:10, 2 March 2021

Home > Administration > System > Security > Security Audit

Introduction

The Security Audit keeps track of a number of events that relate to user access to Hornbill. From here you can quickly identify when the access took place and by who or what.

Related Articles

Options

Filter Audit Log

This option lets you quickly filter the list to display entries for a particular account or access from an IP address.

Success / Failure

This option lets you filter between successful events and failed events

Event Types

Use this option to filter between the available event types

Logon

Shows a successful logon by a user

Logoff

Shows a successful logoff by a user

User API Session Create

Identifies when a user session has been created via an API call

Session Timeout

Show any sessions that have timed out due to inactivity

Session Kill

Show any sessions that were killed

Event Source

Use this option to filter between the available sources of the events

Guest Local

Guest account Login and Logoff events that use Hornbill authentication

Guest SAML

Guest account Login and Logoff events that use SAML authentication

User Local

User account Login and Logoff events that use Hornbill authentication

User SAML

User account Login and Logoff events that use SAML authentication

System

System account events that require authentication

@@ Line 1: / Line 1: @@
 {{bluebanner|[[Main_Page|Home]] > [[Administration]] > [[System Administration|System]] > [[System Security|Security]] > Security Audit|[[:Category:Administration|Index]]}}
-== Introduction ==
+{{IntroAndLinks|
-The Security Audit keeps track of a number of events that relate to user access to Hornbill.  From here you can quickly identify when the access took place and by who or what.
+The Security Audit keeps track of a number of events that relate to user access to Hornbill.  From here you can quickly identify when the access took place and by who or what.|
+:* [[Network Rules]]
+:* [[Users]]
+|}
+}}
 == Options ==
+[[File:SecurityAuditList.png|right|600px|link=https://wiki.hornbill.com/images/1/11/SecurityAuditList.png]]
 === Filter Audit Log ===
-This option lets you quickly filter the list to display entries for a particular account or access for an IP address.
+This option lets you quickly filter the list to display entries for a particular account or access from an IP address.
+=== Success / Failure ===
+This option lets you filter between successful events and failed events
 === Event Types ===
+Use this option to filter between the available event types
 {{bullet1|Logon|Shows a successful logon by a user}}
 {{bullet1|Logoff|Shows a successful logoff by a user}}
@@ Line 13: / Line 22: @@
 {{bullet1|Session Timeout|Show any sessions that have timed out due to inactivity}}
 {{bullet1|Session Kill|Show any sessions that were killed}}
+=== Event Source ===
+Use this option to filter between the available sources of the events
+{{bullet1|Guest Local|Guest account Login and Logoff events that use Hornbill authentication}}
+{{bullet1|Guest SAML|Guest account Login and Logoff events that use SAML authentication}}
+{{bullet1|User Local|User account Login and Logoff events that use Hornbill authentication}}
+{{bullet1|User SAML|User account Login and Logoff events that use SAML authentication}}
+{{bullet1|System|System account events that require authentication}}
+[[Category:Administration]]