Audit logs and configurations
Audit log policies and configurations
1. SSH Logs
Only SSH logs have the option to be truncated since they use the filesystem to store the user's SSH logs, and only the metadata is stored in the database.
2. Authentication Logs
3. Web Activity Logs
The web panel activity logs provide comprehensive log information about the accessed sections and functions in GUI but also include timestamps, indicating the dates and times of these activities.
4. Shell Activity Logs or Gateway Activity Logs
The SSH gateway activity logs provide a comprehensive log about every instance of Ezeelogin gateway users accessing the Ezeelogin gateway server shell.
5. Server Activity Logs
The server activity logs provide a comprehensive log of actions and interactions carried out by Ezeelogin gateway users when accessing the remote servers.
6. RDP Logs
The RDP logs provide comprehensive log information about the gateway user's actions or activities during an RDP session. The recorded RDP sessions are in RDP Bitmap Delta Stream and cannot be viewed by third-party software.
7. SCP Logs
The SCP logs provide comprehensive information about file transfers conducted by the gateway user using the parallel copy feature in ezsh.
8. Web Proxy Logs
The web proxy logs provide comprehensive information about all access to the web portal via the reverse proxy.
9. Web Proxy Activity Logs
The Web Proxy Activity Logs provide comprehensive information about user access details to the web portal using the reverse proxy.
- Integrate Ezeelogin SSH Jump host with splunk for SIEM
- Integrate Ezeelogin SSH Jump host with syslog