SRM-100 - Secure Rack Modem, User's Guide

 

 

 

 

Operation

 

 

 

 

 

 

 

 

Date

Time

Duration

Port

Name

Password Entry

Exit Status

 

------------------------------------------------------------------------------

08/11

09:53

00:00:00

M(out)

 

 

No Answer

 

08/11

09:49

00:00:00

M(in)

T. Jefferson

nickel

Dialing

Back

08/11

09:42

00:01:05

C

 

 

Exit Command

08/11

09:39 00:00:41 M(in)

G. Washington

cherrytree

Connection Lost

08/11

09:37

00:01:35

M(out)

 

 

DTR Drop

 

08/11

09:37

00:00:00

M(in)

A. Lincoln

stovepipehat

Dialing

Back

08/11

09:33

00:02:15

C

 

 

Exit Command

08/11

09:27

00:03:45

M(in)

P. Revere

horse

No Activity

 

08/11

09:22

00:00:00

M(in)

 

secret

Invalid

Password

08/11

09:17

00:03:05

M(in)

F. Roosevelt

dime

DTR Drop

 

08/11

09:07

00:05:18

M(in)

B. Ross

flag

Connection

Lost

08/11

09:05

00:01:30

M(out)

 

 

Connection

Lost

08/11

09:05

00:00:00

M(in)

A. Jackson

twenty

Dialing

Back

08/11

08:52 00:03:27 M(in)

G. Washington

cherrytree

No Activity

 

08/11

08:43

00:05:48

C

 

 

No Activity

 

08/11

08:40

00:00:00

M(in)

 

guest

Invalid

Password

08/11

08:39

00:00:00

M(in)

 

test

Invalid

Password

08/11

08:36

00:02:31

M(in)

C. Coolidge

silentcal

DTR Drop

 

Press:

<Enter> Next 20 entries, <ESC> to abort ...

 

 

 

 

 

 

 

 

 

 

 

 

Figure 7.1: The Audit Log

7.5. Viewing the Audit Log

The Audit Log provides a means to track password use and access attempts. Item 11 in the General Parameters menu (/G) determines which type of access attempts will be recorded. The Audit Log can be configured to record all connection attempts, only successful attempts, or only unsuccessful attempts.

Note that the Audit Log can only be viewed via the SRM command mode. To display the Audit Log, access the command mode as described in Section 5.1, then type /C and press [Enter]. Events are listed in reverse chronological order, with the most recent attempts appearing at the top of the list.

The Audit Log will list only the most recent 100 connection attempts. After 100 events are recorded, the log will wrap-around; and older events will be deleted as each new event is added. If you wish to clear the audit log and delete all entries, access the SRM's Command Mode, then type /U and press [Enter], the Utilities Menu will appear. From the Utilities Menu, type 2 (Delete Audit Log), press [Enter] and follow the instructions in the submenu. Note that deleted log entries cannot be recovered.

To view access activity for each individual password, type /D and press [Enter] to display the Password Directory as described in Section 6.4.

7-5

Page 35 Page 37
Page 36
Image 36
Western Telematic SRM-100 manual Viewing the Audit Log
Page 35 Page 37
Top Page Image Contents