User activity attribution even after they "sudo to root"

By Centrify Contributor II on ‎03-26-2017 10:53 AM - last edited 3 weeks ago

Centrify Server Suite 2017's new Advanced Monitoring functionality preserves "identity context" even after the user "sudo's to root".

 

The new “advanced monitoring” feature adds three new functionalities:

  • Generate audit trail events when specific programs are executed by any user.
  • Generate audit trail events when any file in the directories /etc, /var/centrifyda and /var/centrifydc is modified by a non-root user.
  • Get history of programs executed in an audited session, including programs that are executed by scripts.
Read more...

Showing results for 
Search instead for 
Do you mean 
Labels
Leaderboard

Community Control Panel