Western Telematic SRM-100 manual Viewing the Audit Log

Page 36

SRM-100 - Secure Rack Modem, User's Guide

 

 

 

 

Operation

 

 

 

 

 

 

 

 

Date

Time

Duration

Port

Name

Password Entry

Exit Status

 

------------------------------------------------------------------------------

08/11

09:53

00:00:00

M(out)

 

 

No Answer

 

08/11

09:49

00:00:00

M(in)

T. Jefferson

nickel

Dialing

Back

08/11

09:42

00:01:05

C

 

 

Exit Command

08/11

09:39 00:00:41 M(in)

G. Washington

cherrytree

Connection Lost

08/11

09:37

00:01:35

M(out)

 

 

DTR Drop

 

08/11

09:37

00:00:00

M(in)

A. Lincoln

stovepipehat

Dialing

Back

08/11

09:33

00:02:15

C

 

 

Exit Command

08/11

09:27

00:03:45

M(in)

P. Revere

horse

No Activity

 

08/11

09:22

00:00:00

M(in)

 

secret

Invalid

Password

08/11

09:17

00:03:05

M(in)

F. Roosevelt

dime

DTR Drop

 

08/11

09:07

00:05:18

M(in)

B. Ross

flag

Connection

Lost

08/11

09:05

00:01:30

M(out)

 

 

Connection

Lost

08/11

09:05

00:00:00

M(in)

A. Jackson

twenty

Dialing

Back

08/11

08:52 00:03:27 M(in)

G. Washington

cherrytree

No Activity

 

08/11

08:43

00:05:48

C

 

 

No Activity

 

08/11

08:40

00:00:00

M(in)

 

guest

Invalid

Password

08/11

08:39

00:00:00

M(in)

 

test

Invalid

Password

08/11

08:36

00:02:31

M(in)

C. Coolidge

silentcal

DTR Drop

 

Press:

<Enter> Next 20 entries, <ESC> to abort ...

 

 

 

 

 

 

 

 

 

 

 

 

Figure 7.1: The Audit Log

7.5. Viewing the Audit Log

The Audit Log provides a means to track password use and access attempts. Item 11 in the General Parameters menu (/G) determines which type of access attempts will be recorded. The Audit Log can be configured to record all connection attempts, only successful attempts, or only unsuccessful attempts.

Note that the Audit Log can only be viewed via the SRM command mode. To display the Audit Log, access the command mode as described in Section 5.1, then type /C and press [Enter]. Events are listed in reverse chronological order, with the most recent attempts appearing at the top of the list.

The Audit Log will list only the most recent 100 connection attempts. After 100 events are recorded, the log will wrap-around; and older events will be deleted as each new event is added. If you wish to clear the audit log and delete all entries, access the SRM's Command Mode, then type /U and press [Enter], the Utilities Menu will appear. From the Utilities Menu, type 2 (Delete Audit Log), press [Enter] and follow the instructions in the submenu. Note that deleted log entries cannot be recovered.

To view access activity for each individual password, type /D and press [Enter] to display the Password Directory as described in Section 6.4.

7-5

Image 36
Contents Users Guide Firmware Version 1.13 and HigherTable of Contents List of Figures OperationPassword Protected Access IntroductionFeatures Typographic ConventionsUnit Description Front PanelPower Switch Back PanelApplying Power to the Unit Connecting a PC to the Console PortGetting Started Communicating with the SRM-100 Commands Modem Port SettingsMT2834ZPX ATZSRM-100 Secure Rack Modem, Users Guide Hardware Installation Rack Mounting InstallationConnecting Power to the SRM-100 AC Powered UnitsSetUp Switches DC Powered UnitsDefault Modem Baud Rate Sw1, Sw2 Default Flow Control Format Sw3 Default Bits and Parity Sw4Default Rings to Answer Sw5 Default ARQ/Compression Status Sw6 Default Modem Speaker Status Sw7Default Security Mode Status Sw8 Initialize Unit to Default Settings Cable ConnectionModem Port Console PortTelco Line Set-Up and Configuration Command Mode AccessAccess Via the Console Port Access via Modem General Parameters Menu General ParametersSuper ESCSet-Up and Configuration SRM-100 Secure Rack Modem, Users Guide Modem Parameters Menu Modem ParametersDTR SRM-100 Secure Rack Modem, Users Guide Save Parameters Password Directory Edit Password DirectoryAdd Name / Password EDIT/DELETE NAME/PASSWORD Edit / Delete from ListEdit / Delete from Search Viewing the Password Directory Password Directory Sample Data ShownZero Activity Counters Password Functions OperationSRM Operating Modes System Password Console Port PasswordUser Passwords Password on Dial Back Dial Back NumbersSuppressing the Confirmation Prompt Dialing Out from the Modem PortViewing the Audit Log Audit LogSRM-100 Secure Rack Modem, Users Guide Delete Entire Password Directory Utilities MenuZero All Activity Counters Delete Audit LogDefault Parameters Send Test MessageUpload Parameters Pass-Through Mode Console-Modem Download ParametersSaving and Restoring Parameters and Password Directory Sending Parameters to a FileRestoring Saved Parameters Interface Descriptions Console PortModem Port Specifications CompatibilityCustomer Service Trademark and Copyright InformationIndex Index-1Index-2 Index-3