Symantec Control Center - audit logs
Created: 20 Jan 2013 | Updated: 28 Jan 2013 | 3 comments
Status:
Already Offered
The Symantec Control Center should include extensive audit logs for any changes made on the system.
The audit log should include time&date, user that made the change, type of change (spam, content, configuration changes, and details of the change).
The audit logs should be exportable to external SIEM systems.
Idea Filed Under:
Comments 3 Comments • Jump to latest comment
This is already available in the product today. Check out the administration guide "About Logs" section. Using the ability to send our logs to a remote Syslog facility you can easily send logs to a SIEM system.
The idea was not to export the logs.
The main problem is that there are NO proper audit logs, that indicate any change that was made in the system.
There is the Brightmail admin events, however, they lack a lot of information in case configuration changes are made.
[original post edited]
The Brightmail Admin Events log should actually show the details you've mentioned. I will follow up with your Business Critical Account Manager directly to get an example to you and otherwise get specific details of what's missing.
Would you like to reply?
Login or Register to post your comment.