Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Symantec Control Center - audit logs

Created: 20 Jan 2013 • Updated: 28 Jan 2013 | 3 comments
Yafit-amd's picture
0 Agree
0 Disagree
0 0 Votes
Login to vote
Status: Already Offered

The Symantec Control Center should include extensive audit logs for any changes made on the system.

The audit log should include time&date, user that made the change, type of change (spam, content, configuration changes, and details of the change).

The audit logs should be exportable to external SIEM systems.

Comments 3 CommentsJump to latest comment

Amanda Grady's picture

This is already available in the product today. Check out the administration guide "About Logs" section. Using the ability to send our logs to a remote Syslog facility you can easily send logs to a SIEM system.

 

0
Login to vote
Yafit-amd's picture

The idea was not to export the logs.

The main problem is that there are NO proper audit logs, that indicate any change that was made in the system.

There is the Brightmail admin events, however, they lack a lot of information in case configuration changes are made.

0
Login to vote
Amanda Grady's picture

[original post edited]

The Brightmail Admin Events log should actually show the details you've mentioned. I will follow up with your Business Critical Account Manager directly to get an example to you and otherwise get specific details of what's missing. 

0
Login to vote