|Advanced management / Auditing|
Recording security-related incidents is a prerequisite for detailed system analysis. The events logged facilitate the exact tracking of processes on a specific workstation or within a network. By logging events, you can for example verify security breaches committed by third parties. By using the logging functionality, administrators and security officers can also detect errors in granting user rights and correct them.
SafeGuard Enterprise logs all endpoint activities and status information as well as administrator actions and security-related events and saves them centrally. The logging functionality records events triggered by installed SafeGuard products. The type of logs is defined in policies of the type Logging. This is also where you specify the output and saving location for the logged events: the Windows Event Log of the endpoint or the SafeGuard Enterprise Database.
As a security officer with the necessary rights, you can view, print and archive status information and log reports displayed in the SafeGuard Management Center. The SafeGuard Management Center offers comprehensive sorting and filter functions which are very helpful when selecting the relevant events from the information available.
Automated analyses of the log database, for example with Crystal Reports or Microsoft System Center Operations Manager, are also possible. SafeGuard Enterprise protects the log entries against unauthorized manipulation using signatures on the client and on the server side.
Depending on the logging policy, events of the following categories can be logged:
For SafeGuard Data Exchange, you can track files accessed on removable media by logging the relevant events. For further information on this report type, see File access report for removable media and cloud storage.
For SafeGuard Cloud Storage, you can track files accessed in your cloud storage by logging the relevant events. For further information on this report type, see File access report for removable media and cloud storage.