Audit and Logging
Audit
A CBH system records audit logs for all operations on users' personal data, including adding, modifying, querying, and deleting data. The logs can be backed up to a remote server or local computer. Users with the audit permission can view and manage logs of user accounts in lower-level departments. The system administrator Admin has the highest permissions and can view and manage operation records of all user accounts used to log in to the CBH system.
In a CBH system, each system user has a unique identifier. After a system user logs in to the CBH system, the CBH system logs their operations and monitors and audits their operations on managed resources based on the unique identifier so that any security events can be discovered and reported in real time.
Function |
Description |
---|---|
System operation audit |
All operations in a CBH system are recorded, and alarms are reported for misoperations, malicious operations, and unauthorized operations.
Details about a login, including the login mode, system user, source IP address, and login time, are recorded. System login logs can be exported with just a few clicks.
All system operation actions are recorded. System operation logs can be exported with just a few clicks.
CBH displays all operation details of users in one place, including user statuses, user and resource creation, login methods, abnormal logins, and session controls. System reports can be exported with just a few clicks and periodically reported by email.
You can configure different alarm reporting methods and alarm severity levels for system operation and your application environment so that the CBH system sends alarm notifications by email or system messages as soon as it determines system exceptions and abnormal user operations. |
Resource O&M audit |
A CBH system records user operations throughout the entire O&M process and supports multiple O&M auditing techniques. It audits user operations, identifies O&M risks, and provides the basis for tracing and analyzing security events.
Linux command audits For command operations through character-oriented protocols (such as SSH and Telnet), a CBH system records the entire O&M process, parses operation commands, reproduces operation commands, and quickly locates and replays operations using keywords in input and output results.
For operations on terminals and applications through graphics protocol (such as RDP and VNC), the CBH system records all remote desktop operations, including keyboard actions, function key operations, mouse operations, window instructions, window switchover, and clipboard copy.
For command operations through database protocols (such as DB2, MySQL, Oracle, and SQL Server), the CBH system records the entire process from single sign-on (SSO) to database command operations, parses database operation instructions, and reproduces all operating instructions.
For file transfer operations through file transfer protocols (such as FTP, SFTP, and SCP), the CBH system audits the entire file transfer process on web browsers or clients, and records the names and destination paths of transferred files.
Real-time monitoring Ongoing O&M sessions can be monitored, viewed, and terminated.
All O&M operations are recorded and history session logs can be exported with just a few clicks.
Linux commands and Windows operations can be recorded by video recordings. Video recordings can be downloaded with just a few clicks.
CBH uses various reports to display O&M statistics in one place, including O&M action distribution over time, resource access times, session duration, two-person authorization, command interception, number of commands, and number of transferred files. Operation reports can be exported with just a few clicks and periodically sent by email.
CBH allows you to back up history session logs to a remote Syslog server, FTP/SFTP server, and OBS bucket for disaster recovery. |
Logging
CBH supports managing password change logs and command execution logs and viewing system logs and audit logs.
CBH had interconnected with Log Tank Service (LTS) for log collection, analysis, and storage. You can use LTS to efficiently perform device O&M management, service trend analysis, and security monitoring and audit.
For details about LTS and how to enable LTS, see "Configuring LTS for CBH".
Log Records
A CBH system records audit logs for all operations on users' personal data, including adding, modifying, querying, and deleting data. The logs can be backed up to a remote server or local computer. Users with the audit permission can view and manage logs of user accounts in lower-level departments. The system administrator Admin has the highest permissions and can view and manage operation records of all user accounts used to log in to the CBH system.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot