DocumentationRelease Notes
Documentation

Audit

Suggest Edits

What is auditing?

Auditing provides an audit trail of all privileged actions.

  • Auditing records all activity that passes through EPM for Linux.
  • Accurately log activities in a safe environment to implement a secure system administration regime with an audit trail. You always know exactly what is happening in root, as well as who did it, when it happened, and where.

How is it useful?

Use the Auditing page to see more details about EPM for Linux activities.

  • Unified Search: Gathers log files from the EPM for Linux. It's useful for troubleshooting or analyzing system performance, errors, and other activities.
  • Events: View and download event logs. These logs contain detailed records of commands run and includes submit host/user and run host/user, accept/reject events, and the exit status of the command.
  • Console Audit: Audit trail of user sessions. Includes: User name, Session ID, Timestamp, User roles, and IP address.
  • Search and Replay: Records and captures an interactive log of a session. Review to see the command history of a particular session.

The Audit page

The Audit page in EPM for Linux
  1. Administration menu: Access Pathfinder administration pages if you are assigned as an administrator.
  2. Header: Select a tenant or Administration from the menu, manage your profile, and change the display theme.
  3. Select a tile to access auditing features: Unified search, Events, Console audit, and Search and replay.

Updated 28 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.