This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Serena CM and SBM Audit Trails (Logs)

Good morning all,

We are trying to figure out how to get our administrators to create an audit log monitoring and review procedure. They need this to meet various NIST 800-53 controls. They need to be able to prove that they can monitor the following in accordance with mandated policy.

  • Account Logon (Success, Failure) Domain Policy;
  • Account Management (Success, Failure) Domain Policy;
  • Directory Service Access (Success, Failure) Domain Policy;
  • Logon Events (Success, Failure) Domain Policy;
  • Object Access (Success, Failure) Domain Policy;
  • Policy Change (Success Failure) Domain Policy;
  • Privilege Usage (Failure) Domain Policy;
  • System Events (i.e. starting, stopping) (Success, Failure); and
  • Date stamps.

Is there a script, checklist, or something that would aid in this?

Thanks all!

  • Suggested Answer

    0  

    You can enable audit logs for Dimensions CM in the dm.cfg file to track all login attempts and also to capture all operations that users perform (including fetching any files and any failed operations in the case where the user does not have the correct permissions). Prior to CM 14.5 this was written to a log file on the server and 14.5 introduced the option to store this in the database. 

    Dimensions CM authenticates users against your domain controller or LDAP server which will itself also capture any login attempts. 

  • 0 in reply to   

    Thanks Richard. That certainly will help us point them in the right direction.