Tim,
If you have a reporting license, you can run an Audit report which
will tell you who logged in and out of their console/webconsole and at
what time.
Audit reports also record other interesting auditing information such
as when policies were changed, when sensors were stopped/started, when
XPUs were installed, etc.
On 5/31/05, Doug.Janelle@thermo.com <Doug.Janelle@thermo.com> wrote:
You could do a port scan (netstat, tcpview, et. al) on
the management server and see what connections to
port 3998 are open, Not sure this is what you were
looking for, but might be helpful to know who is logged
in to a SP session.
dcj2
To: issforum@iss.net
cc: (bcc: Doug Janelle/Inc/Jouan)
Subject: [ISSForum] SiteProtector user login auditing
Is it possible to trace user logins to SiteProtector?
Thank-you,
Tim Beatty
_______________________________________________
ISSForum mailing list
ISSForum@iss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to mod-issforum@iss.net
The ISSForum mailing list is hosted and managed by Internet Security Systems,
6303 Barfield Road, Atlanta, Georgia, USA 30328.
_______________________________________________
ISSForum mailing list
ISSForum@iss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to mod-issforum@iss.net
The ISSForum mailing list is hosted and managed by Internet Security Systems,
6303 Barfield Road, Atlanta, Georgia, USA 30328.
