SSH Tectia Server logs events in the
syslog on Unix and in the
Windows Event Log on Windows. Logging (auditing) is very important for
security. You should check your logs often, or use tools to analyze
them. From the logs, you can see, for example, whether unauthorized
access has been attempted, and take further action if needed. For
example, you could set the hosts from which the attempts have been made
as denied, or drop the packets from the domain completely at your
firewall. The logs also provide troubleshooting information.
The log events are classified in seven levels, in decreasing order of importance:
A user tried to log on but failed.
A user logged successfully on.
A critical problem has occurred. By default, this is not used by SSH Tectia Server.
A serious problem has occurred, preventing the intended operation from completing successfully.
A problem has occurred, but the operation can continue.
An action has been done.
Extra troubleshooting information.