Tectia Server logs events in the syslog on Unix and in the Windows Event Log on Windows. Logging (auditing) is very important for security. You should check your logs often, or use tools to analyze them. From the logs, you can see, for example, whether unauthorized access has been attempted, and take further action if needed. For example, you could set the hosts from which the attempts have been made as denied, or drop the packets from the domain completely at your firewall. The logs also provide troubleshooting information.
The log events are classified in seven levels, in decreasing order of importance:
Security failure (Windows only)
A user tried to log on but failed.
Security success (Windows only)
A user logged successfully on.
Critical (Unix only)
A critical problem has occurred. By default, this is not used by Tectia Server.
A serious problem has occurred, preventing the intended operation from completing successfully.
A problem has occurred, but the operation can continue.
Notice (Unix only)
An action has been done.
Extra troubleshooting information.
Copyright 2018 SSH Communications Security Corporation This software is protected by international copyright laws. All rights reserved. Contact Information
Highlights from the SSH.COM blog:
Cryptomining with the SSH protocol: what big enterprises need to know about it
Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency. Read more
SLAM the door shut on traditional privileged access management
Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity? Read more
We broke the IT security perimeter
Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so. Read more