Users with sufficient or administrator privileges can modify the system configuration in ways that could affect the system environment. The System Trail feature enables you to track changes to the system configuration. All user-initiated events that modify the state or behavior of the system are logged. This section explains how to use the System Trail feature.

Understanding audit events

Every configuration change recorded in the system log is defined by standard parameters and event-specific additional details. Standard parameters include:

  • Timestamp

  • Action Type

  • Performed (Name of the type)

Additional event-specific parameters include the change logs of the respective event groups.

Viewing system trail

To reach the system trail, follow the steps below:

  • Navigate to the "System" option in the navigation bar.

  • Select "System Trail" from the sidebar. An informational screen about the trails will appear.

  • Choose the Date & Time to define the period for which you wish to view the trails.

  • Select the "Instance" for which you wish to view the trails.

  • Navigate to the right corner where you will see a drop-down list of the types of system trails you wish to view. Based on the parameter selected from the drop-down list, you will see a list of details covering Timestamp, Action, Performed by, Instance and the selected parameter.

  • Based on the action executed, a complete list of the changes made with regard to the 'Action' will be generated and viewable.

System event & groups

System trail events are available in the following groups.

Trail Record

Description

Access types

The type of access can be either user-defined or system-defined.

Account dependencies

Account dependencies deal with password setting changes for dependent accounts.

Account group policy

Account group policy deals with enforcing comment, comment minimum length, allowing access via API and requiring ticket number.

Account groups

Account groups are created to define which accounts belong to which asset type so that similar assets and accounts are mapped to a group for a particular access.

Account group attributes

The properties of the account group are used to configure and define an account group.

Account group mapping

The linking of account groups to various accounts having common access or purpose of work.

Accounts

Accounts are used to provide particular access to users.

Account defaults

Default parameters of accounts such as asset category, asset type, account type and account role.

Account discovery

Accounts that are discovered across target assets and automatically onboarded, easing the load of creating several accounts each time account discovery is used.

Active mapping

The active mapping process is used to link user groups to account groups.

Active mapping account group

The list of account groups available to be mapped to the user groups.

Active mapping attributes

The properties of the active mapping used to map user and account groups.

Active mapping user group

The list of user groups available to be mapped to the account groups.

Appserver TPA

It helps to fetch data of all the access types available.

Asset configuration directory server

Deals with changes in asset configuration pertaining to the directory server.

Asset types

Type of target assets based on asset category.

Asset type access types

The access types which are mapped to the asset type.

Asset type password change method

The method to change the password of the asset type.

Assets

List of target assets mapped within the PAM system.

Checkout policy

Policies to request for a checkout of passwords to target assets and accounts.

Command types

Types of commands that can be executed.

Criticality levels

The criticality level is defined by how critical the task being dealt with is.

Directory stores

Types of directory such as Windows AD.

Duo

An authentication provider which requires an integration key and secret key to have access to the system.

Email gateway

A gateway that allows alerts and OTPs to be communicated to users, using the SMTP protocol to pass through the server connection.

Email templates

Notification templates that tell you what activity has taken place in the system.

Generic radius

An authentication provider which requires a username and shared key to have access to the system.

Google authenticator

An authentication provider which requires the URL link to have access to the system.

Instances

These are created to attach an object to itself for defining its functionalities.

IO devices

The devices which are required to perform input and output operations on the system.

IP segments

The IP range which is required in order to have set boundaries for certain data access in the system.

Landing & app servers

Used when the ports needed for taking sessions are blocked on PAM or when the processing of sessions needs to be handled by a different server.

Locations

It helps to locate the IP segments of the particular location.

Log forwarding

It enables Sectona Session Logs to be forwarded to an external service such as a SIEM.

Network discovery AD

It helps to discover assets across Active Directory.

Network discovery AWS

It helps to discover assets across AWS.

Network discovery Azure

It helps to discover assets across Azure.

Network discovery Hyper V

It helps to discover assets across Hyper-V.

Network discovery VMWare

It helps to discover assets across VMware.

Network proxy

Provides a proxy server to the network.

Network scan

It helps to discover assets using a network scan.

Okta

An authentication provider which requires a sub-domain and API key to have access to the system.

One login

An authentication provider which requires a sub-domain, client ID and client secret to have access to the system.

OTP configuration

The configuration to generate OTPs, including maximum retries and OTP length.

Password change method process

Process for a corresponding password change method.

Password change methods

The type of password change techniques.

Password manager

The manager keeps a record of the password change and history of that particular job involved.

Password manager accounts

Managing the history of accounts whose passwords have been changed.

Password policy

The properties of passwords that need to be defined by the user based on the organization's requirement.

Risk score matrix

The matrix which defines risk activity with the default and configured risk level.

Rotation policy

The properties defined by the user that determine how frequently the password must be changed automatically under this policy.

RSA secure ID

An authentication provider which requires a username and shared key to have access to the system.

Schedulers

Deals with automatic scheduling of parameters such as password rotation, report generation, etc.

Sectona authentication lockout policy

The policy which defines the Sectona authentication i.e. how the password must be locked or unlocked.

Sectona authentication password policy

The policy which defines the Sectona authentication i.e. how the password must be generated.

SMS gateway

The gateway URL is required with username and password to receive an SMS OTP for authentication.

System backup

The backup of the PAM system, which can be enabled locally or remotely by the user.

System default

This helps to see the default as well as configured values when the system is modified.

Task library

It displays tasks that have already been created.

Task library process

It defines the various tasks that the user can perform on a day-to-day basis.

User access policy

It defines the method for a user to access the system.

User settings

The settings configured for a user.

Users

Users are the end-users who access the PAM system.

User groups

These groups are created so that users who have similar functions and roles can be added to the same User Group.

User groups active directory

It helps to add a user to an Active Directory-based User Group.

User group attributes

It helps to add a user to an Attribute-based User Group.

User group mapping

It helps to map a user to a defined user group.

User instances

It helps to map a user to the required Instance.

User roles

It defines the roles which are permitted to a specific user.

User tasks

These are privileged tasks that the user needs to execute on the target asset.

Vasco token

An authentication provider which requires a username and shared key to have access to the system.

Video recording

Sessions are recorded according to the properties modified by the user.

Workflow master request types

It helps to put forth workflow requests for access or password change.

Workflow masters

It helps to create a connection according to the asset category and asset type involved.

Workflow master approvers

It helps to approve workflow requests for access or password change.

Workflow master attributes

Properties of workflow master.
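A way to triage trail records by event group during a periodic review, shown as an added example that is not Sectona code and does not reflect a Sectona export format. The record layout, the "Group" field, the watchlist of sensitive groups, the change window and the sample records are all assumptions of this example; only the group names and the Timestamp, Action, Performed by and Instance columns come from this page.

```python
from datetime import datetime, timedelta

# Group names are taken from the page; treating them as high-risk is this
# example's assumption, not a vendor classification.
WATCHLIST = {
    "Log forwarding", "Video recording", "System backup", "User roles",
    "Password policy", "Rotation policy", "Duo", "Okta", "Generic radius",
    "Sectona authentication lockout policy",
}

# Constructed sample records. "Timestamp", "Action", "Performed by" and
# "Instance" mirror the columns the page lists; "Group" is a hypothetical field.
SAMPLE_TRAIL = [
    {"Timestamp": "2024-03-04 10:12:00", "Action": "Update", "Performed by": "alice", "Instance": "Default", "Group": "Email templates"},
    {"Timestamp": "2024-03-04 11:00:00", "Action": "Update", "Performed by": "alice", "Instance": "Default", "Group": "Password policy"},
    {"Timestamp": "2024-03-05 23:41:00", "Action": "Update", "Performed by": "bob", "Instance": "Default", "Group": "Log forwarding"},
    {"Timestamp": "2024-03-05 23:50:00", "Action": "Update", "Performed by": "bob", "Instance": "Default", "Group": "User roles"},
    {"Timestamp": "2024-03-09 12:00:00", "Action": "Delete", "Performed by": "carol", "Instance": "Default", "Group": "Okta"},
]

def _ts(record):
    return datetime.strptime(record["Timestamp"], "%Y-%m-%d %H:%M:%S")

def review_trail(records, start_hour=9, end_hour=18, burst=timedelta(minutes=30)):
    """Return (timestamp, actor, group, reasons) tuples, most reasons first."""
    sensitive = [r for r in records if r["Group"] in WATCHLIST]
    findings = []
    for rec in sensitive:
        ts = _ts(rec)
        reasons = ["sensitive group"]
        # Weekend or outside the assumed 09:00-18:00 change window.
        if ts.weekday() >= 5 or not start_hour <= ts.hour < end_hour:
            reasons.append("outside change window")
        # Same actor touching two or more distinct sensitive groups close together.
        nearby = {o["Group"] for o in sensitive
                  if o["Performed by"] == rec["Performed by"]
                  and abs(_ts(o) - ts) <= burst}
        if len(nearby) >= 2:
            reasons.append("burst across groups")
        findings.append((rec["Timestamp"], rec["Performed by"], rec["Group"], reasons))
    return sorted(findings, key=lambda f: (-len(f[3]), f[0]))

if __name__ == "__main__":
    for finding in review_trail(SAMPLE_TRAIL):
        print(finding)
```

Records outside the watchlist are dropped from the findings, so the list should be tuned to the groups your own change-control process treats as sensitive.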