Manuals / Symantec / Computer Equipment / Server

Symantec Security Expressions Server manual Setup, Viewing Audit Results, Database Connection

Models: Security Expressions Server

1 97

Download 97 pages 26.04 Kb

Page 20

SecurityExpressions Server User Guide

Viewing Audit Results

SecurityExpressions generates audit results through the following kinds of audits. To view results from each kind of audit, a user needs rights to view results from key configurable items (machine lists, policies, and scopes) involved in the audit. The configurable items to which a user needs audit-result viewing rights, for each kind of audit, are:

Audit on Schedule

•policies

•My Machine Lists or global machine lists

Audit on Connect

•policies

•scopes

Self-Service Audits

•policies

•any My Machine Lists or global machine lists the computer belongs to, whether or not the machine list is involved in the audit

•Super User item rights, if the computer does not belong to any machine list

Instant Audits - performed in the console application's Audit tab

•policies

•global machine lists, if auditing a machine list

•any My Machine Lists or global machine lists that the computer(s) belong to, if auditing individual computers instead of a machine list

•Super User item rights, if the computer does not belong to any machine list

Web-Services Audits - audits activated through the Web-services layer (see the SecurityExpressions Web Services API Guide for more information)

•policies

•global machine lists, if auditing a machine list

•any My Machine Lists or global machine lists that the computer(s) belong to, if auditing individual computers instead of a machine list

•Super User item rights, if the computer does not belong to any machine list

Setup Page

Database Connection

The Application Setup page displays the name of the system where the database resides and the database's name. The Database Connection settings on the Application Setup page let you connect the SecurityExpressions Audit & Compliance Server to a central database.

If you don’t want to connect to an existing database and don’t need to create a custom database, you have the option of creating the database using the Database Connection settings instead of creating it in the database application.

12

Image 20

Symantec Security Expressions Server manual Setup, Viewing Audit Results, Database Connection

Contents

SecurityExpressions Server User Guide Page Table Of Contents Page Table Of Contents Page Vii Page Contacting Us Page Technical Support Contacting Technical SupportPage Other Products SecurityExpressions ConsolePage Overview About SecurityExpressions Audit & Compliance ServerPage Self-Service Audit What is Self-Service Auditing?Self-Service Audit Agreement How to Audit your Local ComputerDisplays on the page. No detailed audit results appear Configure Servers About Server ConfigurationLocal Server Settings Pages with Role SettingsDatabase Connection SetupViewing Audit Results Secure Connection Windows 2000 ServersCreating Credential Stores Click OK on the Default Web Site Properties windowCredential Store User Enable Web Services SecurityExpressions Console Credential StoresSoftware Registration Site PreferencesAccess Global Machine List Access User Roles Item RightsCheck the Synchronize with a policy file library box Policy File LibraryLibrary Synchronization About Policy Files How System Scores are CalculatedTarget Options Agent & Service ConfigurationDefault method for remote execution on Windows SSH Agent Authentication Database Cleanup Update Task CancelPolicies Add TaskClick Use the Following Agreement Agent DownloadsSite Preferences Allow Remediation Page What is Audit-on-Connect? Audit-On-ConnectPolicies Policies TablePage Adding Policies Editing Policies Configuring with Run-Time Policy Variables Deleting PoliciesPage Add a New Scope ScopesScopes Page Edit a Scope Scopes Table Deleting Scopes DNS Domain Name ScopesExpression Scopes Supported OperatorsDetection Method Scopes Supported FunctionsOrg Unit Scopes Notifications Creating New Command Notifications Creating New Email NotificationsClick Add New Editing NotificationsClick Add New Creating New Command Notifications Deleting Notifications Notification VariablesExceptions ExceptionsExceptions Table Column Description Adding ExceptionsSpecify Password and Encrypted Password Connection MonitorsDeleting Exceptions Connection MonitorsEnabling Connection Monitors Configuring Connection MonitorsRemove Connection Monitor Configuration File IP Range SectionDefault OptionsActive Directory Active Directory Connection Monitor only Processing the Configuration FileConfiguration File Syntax Network Slow LinksTrace Route Information Network Admissions ControlUnmanaged Systems Initial TokenHealthy Quarantined/UnknownReaudit if quarantined Redirection WebAudit on Connect Tracing Audit on Connect TracingRedirection Web Page Behavior Page Page What is Audit-on-Schedule? Audit-On-SchedulePage Adding Policies Editing Policies Deleting Policies Page Notifications Click Add New Click Add New Deleting Notifications My Machine Lists My Machine ListsAdding Machine Lists Editing Machine ListsScheduled Tasks Deleting Machine ListsEditing Global Machine Lists Scheduled TasksBasic Settings Adding Scheduled TasksSchedule Settings Hosts Not Connected Settings Other Options Settings Credentials SettingsWindows Group Access Editing Scheduled TasksSchedule Settings Notifications Other Options Settings Deleting Scheduled Tasks Page View Audit-On-Connect Activity Browse Audit-On-Connect ActivityAudit-On-Connect Activity Table Column Description Adding a New Audit-On-Connect Report ProfileEditing Report Profiles Deleting Report ProfilesAudit-On-Connect Error Log Report Audit-On-Connect Exceptions ReportPage Adding a New Audit Results Report Profile View Audit ResultsBrowse Audit Results Page Scheduled Audits Log Report Adding Custom Reports to the Server ApplicationEditing Audit Report Results Profiles Deleting Audit Report Results ProfilesPage Glossary Page Configure IndexIP address 33, 44, 45 Rule weights