Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Auditing

SSH Tectia Server logs events in the syslog on Unix and in the Windows Event Log on Windows. Logging (auditing) is very important for security. You should check your logs often, or use tools to analyze them. From the logs, you can see, for example, whether unauthorized access has been attempted, and take further action if needed. For example, you could set the hosts from which the attempts have been made as denied, or drop the packets from the domain completely at your firewall. The logs also provide troubleshooting information.

The log events are classified in seven levels, in decreasing order of importance:

Security failure (Windows only)

A user tried to log on but failed.

Security success (Windows only)

A user logged successfully on.

Critical (Unix only)

A critical problem has occurred. By default, this is not used by SSH Tectia Server.

Error

A serious problem has occurred, preventing the intended operation from completing successfully.

Warning

A problem has occurred, but the operation can continue.

Notice (Unix only)

An action has been done.

Informational

Extra troubleshooting information.


 

 
PrivX
 

 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now