Chat now with support
Chat mit Support

One Identity Safeguard for Privileged Passwords 7.1 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Enable or Disable Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions About us

Check and Change Log tab (account)

The Check and Change Log tab displays the password and SSH key validation and reset history for the selected account.

By default, the check and change log entries displayed are for the last 24 hours. On the web client, use the Date Range drop-down to select a time frame to display and use Export to export the listed data as either a JSON or CSV file (for more information, see Exporting data). If the display does not refresh after selecting a different time interval, click the Refresh.

To access Check and Change Log:

  • web client: Navigate to Asset Management > Accounts > (View Details) > Check and Change Log.
Table 76: Accounts: Check and Change Log tab properties
Property Description
User The display name of the user that triggered the event
Status

The status of the transaction:

  • Failure
  • Success
  • Queued
Reason A system message pertaining to the password and SSH key validation and reset activity, such as the password matches the asset, was changed successfully, or does not match the asset.
Type

The type of transaction:

  • Check Password
  • Change Password
  • Check SSH Key
  • Change SSH Key

NOTE: Check and Change Log only displays events that the appliance performs; that is, it only displays check and change transactions. It does not display Set Password or Set SSH Key transactions. See:

Date/Time

The date of the transaction. The time stamps for transactions are based on the user's local time.

Duration The amount of time the transaction took to complete.

Discovered Services tab (account)

The Discovered Services tab displays information on the services dependent to a selected account. This tab is only available for Windows and Active Directory accounts.

To access Discovered Services:

  • web client: Navigate to Asset Management > Accounts > (View Details) > Discovered Services.

Use these buttons to manage the discovered services.

Table 77: Discovered Services: Toolbar
Option Description
Discover Services

Run the discover services task for each unique Windows asset in the grid below.

Export

Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data.

Refresh

Update the list of service discovery jobs.

Search

To locate one or more assets, enter the character string to be used to search for a match. For more information, see Search box.

The following displays for each discovered service.

Table 78: Accounts: Discovered Services tab properties
Property Description

Asset Name

The name of the Windows asset.

Partition

The name of the partition associated with the Windows asset.

Dependent Account

A check displays if the account is associated as an account dependency on the asset. The value is blank if the account is not associated as an account dependency of the asset.

Service Type

Type of service discovered. Values may be Service or Task.

Service Name

The name of the discovered service or task.

Service Enabled

A check displays if the service or task on the asset is enabled. If there is no check mark, the service or task is disabled.

Discovered Account

The discovered service account name configured.

Date/Time Discovered

The date and time when the service or task was discovered.

Discovered SSH Keys (account)

The Discovered SSH Keys tab displays the discovered SSH keys for the account.

To access Discovered SSH Keys:

  • web client: Navigate to Asset Management > Accounts > (View Details) > Discovered SSH Keys.
Table 79: Accounts: Discovered SSH Keys tab properties
Property Description

Fingerprint

The fingerprint of the SSH key used for authentication.

Account Status

The status of the Safeguard account.

SSH Key Managed

This column will have a check mark indicating the SSH key currently in use on the account.

Comment

Free form comment.

Key Type

SSH key identity type such as RSA or DSA. For more information, see SSH Key Profiles.

Key Length

The supported RSA or DSA key length displays.

Asset Name

Name of the asset associated with the account.

Account

The name of the account where the SSH key was discovered.

Date/Time Discovered

The date and time when the SSH key was discovered.

Use these buttons on the details toolbar.

Table 80: Accounts: Discovered SSH Keys tab toolbar
Option Description

Discover SSH Keys

Run the selected SSH Key Discovery job. A Task pop-up display which shows the progress and completion.

The button is enabled when the configuration is complete, including a profile (which has a schedule). For more information, see SSH Key Profiles tab (partitions).

Revoke

Use this button to revoke access for unmanaged SSH keys.

Refresh

Update the list of dependent assets assigned to the selected account.

Search

To locate a specific dependent asset in this list, enter the character string to be used to search for a match. For more information, see Search box.

History tab (account)

The History tab allows you to view or export the details of each operation that has affected the selected account.

To access History:

  • web client: Navigate to Asset Management > Accounts > (View Details) > History.

    The top of the History tab contains the following information:

    • Date Range: By default, the history details are displayed for the last 24 hours. From the drop-down, select one of the time intervals to display history details for that time frame.

    • Export: Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data.

    • Refresh: Update the list displayed.

    • Search: For more information, see Search box.

Table 81: Accounts: History tab properties
Property Description
Date/Time The date and time of the event.
User The display name of the user that triggered the event.
Source IP The network DNS name or IP address of the managed system that triggered the event.
Object Name The name of the selected account.
Event

The type of operation made to the selected account:

  • Create
  • Delete
  • Update
  • Add Membership
  • Remove Membership

NOTE: A membership operation indicates a relationship change with a related or parent object such as the selected account was added or removed from the membership of an account group.

Related Object

The name of the related object.
Related Object Type The type of the related object.

Parent

The name of the object to which the selected account is a child.
Parent Object Type The parent object type.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen