It is possible send a notification to an administrator when another one administrator is reviewing the logs?
Hello Adolfo, There is no direct configuration in CA PAM, but you can achieve this through the syslog integration. Most session log messages, including the "Log records viewed" messages, are sent to the syslog server that is configured on the Config > Logs page. This includes the name of the user who viewed the logs. You can then configure an email action on your syslog server when such a message is received. Here is an example message (actual IP addresses replaced with mask):
2017-08-09T10:10:20.238592-04:00 xceedium.com gkpsyslog: Private IP: ***.***.***.***, Public IP: ***.***.***.***, Nat/Proxy IP: ***.***.***.***, User: super, Transaction: admin, Address: - -, Device Name: - -, User Group: testgroup, localg1, localg2, localg3, Port: - -, Access/Protocol: - -, Service/App: - -, Details: Log records viewed
Thank You, very Useful!
Retrieving data ...