AnsweredAssumed Answered

monitoring PAM administrator activity

Question asked by JMS2811 on Feb 8, 2018
Latest reply on Feb 9, 2018 by JMS2811

Question: PAM administrator activity in credential manager like view password, addition/deletion of target accounts – are these logged by PAM?

will these be part of syslog messages or can they be seen under Session Recording Logs?

 

We want to be able to have access to these logs to generate an alert from SIEM for such privileged operations by PAM administrator. 

 

thanks,

Maruti

Outcomes