Symantec Privileged Access Management

  • 1.  PIM UI audit in jboss

    Posted Apr 09, 2018 04:23 PM

    Is it possible to get all the audit events of UI in system -> audit to get into jboss?



  • 2.  Re: PIM UI audit in jboss
    Best Answer

    Broadcom Employee
    Posted Apr 16, 2018 03:43 AM

    Hello Seema,

     

    What you see in the PIM UI in

     

    Privileged Accounts / Audit Privileged Accounts
    and
    System / Audit / View Submitted Tasks

     

    basically comes out of the central DB.

     

    It is suggested that you use the Event Forwarder feature integrated in PIM 14 or available as an add on for earlier versions.

    This will forward the relevant events to any syslog compatible receiver.

     

    In case of further questions please do not hesitate to open a Support Case with us.

     

    Best Regards,

    Andreas



  • 3.  Re: PIM UI audit in jboss

    Posted Apr 16, 2018 12:48 PM

    Hi Andreas,

     

    Thank you for your response.

     

    Unfortunately, the requirement is currently for PIM 12.9 and not 14.

     

    I checked the central DB does not have audit for Roles and Tasks. What I see in there is endpoint, check-in, check-out, Break-Glass.

     

    Requirement is – When I add or remove a user from a Role, PIM is suppose to send audit for the Role name, user added/removed, action performed by. At most I can get to the runtime tables tasksession12 and event12 to see the role modified and by whom. But not which user was added or removed.

     

    Ticket opened with CA 2 weeks back– 01002989- PIM(ENTM): Audit Role Membership changes

     

    I would appreciate help from someone who has worked in this area before.

     

    Thanks,

    Seema