0

The summary of the security auditing is generating HTML report from binary audit log after enabling the security auditing and some configurations; but the generated HTML report is not completed(full information) and not meaningful.

What i mean is for example when i created a user, it's not audited. When i gave it some roles; these actions have been audited but unclear way.


I have two questions:

  • Does not it audit each action that the user do it like create/delete user.?
  • Is there a way to format that HTML report to be clear and meaningful or Are there extra configurations to generate HTML report or other report to be clear?
Gas
  • 17,601
  • 4
  • 46
  • 93
Haythem Al Shaikh Ahmed
  • 33
  • 1
  • 8

1 Answers1

1

Does not it audit each action that the user do it like create/delete user?

Auditing is not recording all the user actions.

The security auditing subsystem has the ability to capture the following types of auditable events:

  • Authentication
  • Authorization
  • Principal/Credential Mapping
  • Audit policy management
  • Delegation

For more details see Auditing the security infrastructure

Is there a way to format that HTML report?
There is no way to provide format of that HTML report by default. You may only specify what will be in the report using report mode were valid values include basic, complete, or custom. See binaryAuditLogReader command for more details.

If you need custom formatting you may need to implement your own audit service provider. For more info see here:

Gas
  • 17,601
  • 4
  • 46
  • 93