Your browser does not allow storing cookies. We recommend enabling them.

SSH

Chapter 12 Auditing Secure and Managed File Transfers

Tectia Manager allows the user to view and monitor the file-related operations on the SFTP servers and on Tectia MFT Events. In addition, Tectia Manager provides the tools for viewing log data collected from the monitored hosts (MFT Events logs, File transfer logs, and SecSh logs), as well as the internal system events and the administrator actions on the Management Server (Event logs and Audit logs).

Once the Management Agents are installed and configured to collect logs from the monitored hosts, they start sending log data to the Management Server. The Management Server stores all logs in its internal database, and the administrator can view the data in the form of various reports.

Tectia Manager can be used to collect file transfer logs from SFTP servers and MFT logs from managed Tectia MFT Events hosts. The file transfer logs are collected from both Tectia and OpenSSH SSH servers, and all logs are stored in the Management Server database.

Since the amount of logged data gets easily very large, Tectia Manager provides versatile search options, so the administrator can select what information to view and how to arrange it. It is also possible to extract reports and to output them as text files or in CSV format for post-processing in some other program.

This chapter contains instructions on activating log collection for SFTP servers and on Tectia MFT Events, and how to audit the collected logs.

For instructions on configuring the Management Agent to collect logs from the monitored hosts, see Enabling Log Collection in Management Agent Configuration.


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more