Previous Topic

Next Topic

Book Contents

Book Index

System - Auditing

SysAdmin users can change these settings.

To specify Audit Log settings:

  1. Sign on as Sys Admin. Click SETTINGS > System > Auditing.
  2. Select a log category: Event Log, Syslog, Error Display, Failed Signons. Make selections and click Change Logging Settings. For more information, see the subsections below.

Event Log

As SysAdmin, click SETTINGS > System > Auditing > Event Log. The Configure Event Log Settings page opens. Make selections and click Change Setting.

Options:

Audit log entries that report successful actions are entered as Information level events. Entries that report unsuccessful actions are entered as Error level events.

Example of an entry written to the Windows Application Event Log:

Although MOVEit Transfer can send audit entries directly to a remote Syslog server, other utilities are available for sending logs from local Event Logs to SysLog or SNMP management consoles. For more information, see SysLog and SNMP.

Syslog

As SysAdmin, click SETTINGS > System > Auditing > Syslog. The Configure Syslog Settings page opens. Make your selections and click

Note: In addition to editing this setting, a SysAdmin must configure a Syslog host, and optionally configure a Port to use for the connection (default = 514), and the Facility that audit messages appear as on the Syslog management console (default = FTP).

Options:

SysLog is based on UDP (usually port 514) and is therefore a best efforts protocol because neither the client nor the server know whether SysLog messages are dropped by the network.

Audit log entries that report successful actions are entered as Information level events. Entries that report unsuccessful actions are entered as Error level events.

Example:

If the test is successful, a message similar to below should show up in the Syslog management console on the remote Syslog server:

Error Display

As SysAdmin, click SETTINGS > System > Auditing > Syslog. The Set Error Display Settings page opens. Make a selection and click Change Setting.

Option:

For more information, see Exception Handling.

Failed Signons

Normally, MOVEit Transfer records every failed signon attempt that happens on the system to the audit log. On some busy systems, large numbers of these records can make it difficult to search for other issues, and can slow down access to all audit log records. To alleviate this problem, you can prevent certain types of signon failures from being recorded in the log.