Sometimes it is required to trace login/logoff activities of the administrator in order to be compliant with legal guidelines or simply for security reasons (see also our article “What to do with all those logs“). The Safed agent for Windows can be easily configured to collect administrator’s login/logoff. The agent is deployed with some administrator discovery commands,…
Read MoreAs well known, the Safed agent for Windows can collect events from the event log, filters them and forward the matched records to a centralized syslog server. There are some preconfigured set of events concerning basic activities that have to be tracked. The first one, and probably the most famous due to existing law conformity…
Read MoreThis new feature has been introduced for the auditing of Cluster installations and hosts with multiple IP addresses. The concept behind the aggregation of flows from different sources resides on the integration of log flows from load balanced hosts or hosts in failover configuration within a single host definition. This allows also the registration of…
Read MoreThis article will highlight quickly an approach for the monitoring of your syslog agent in terms of availability and reactiveness. SyslogView OS agent check defintions The NetEye SyslogView server includes a check logic for the monitoring of the syslog agent on the remote server. The monitoring techniques cover the strategy to launch a Nagios interpretable…
Read MoreCome sapete il provvedimento del garante richiede di monitorare gli accessi ai sistemi informatici, tra questi uno dei piu’ critici e’ sicuramente il vostro firewall, come fare a monitorare gli accessi in presenza di un firewall Checkpoint ? Vediamolo insieme: In questo caso abbiamo un cluster di firewall Checkpoint basati su Sistema operativo IPSO che…
Read MoreSembra che non ci saranno proroghe per il provvedimento del Garante della Privacy per l’archiviazione dei log degli accessi degli amministratori. Entrerà ufficialmente in vigore il 15 dicembre 2009. Come già discusso abbondantemente anche su questi posts, NetEye offre una possibile soluzione per ottemperare il provvedimanto. Qualora foste interessati ad avere più dettagli potete guardare…
Read More