Imperva Cyber Community

 View Only
  • 1.  How to audit CLI output executed by an admin

    Posted 5 days ago
    Hi,
    Im not sure if this is turned on by default or it has to be saved or recorded manually.

    I would like to obtain these cli activity logs (e.g commands executed by an admin using the impcfg cli command) for auditing purposes.

    -Is this enabled or saved by default? What is the directory?
    -If not enabled by default, do we need to create a custom policies with action set saved locally? (e.g: there is no syslog in place)

    Thanks,
    Leangf
    #AllImperva

    ------------------------------
    Angfe Landagan
    Senior Solutions Engineer
    Philippines
    ------------------------------


  • 2.  RE: How to audit CLI output executed by an admin

    Posted 4 days ago

    Hi Angfe, 

    Thanks for posting. Could you let me know which product(s) you are referring to? This will allow me to add tags to help your post reach fellow users.

    Thanks,



    ------------------------------
    Sarah Lamont(csp)
    Digital Community Manager
    ------------------------------



  • 3.  RE: How to audit CLI output executed by an admin

    Posted 4 days ago
    Hello Sarah, 
    This is for the WAF / DAM On-prem devices. 

    Thank you.
    Leangf


  • 4.  RE: How to audit CLI output executed by an admin

    Posted 4 days ago
    Okay, great! I have added those tags so that the relevant users will be notified.

    ------------------------------
    Sarah Lamont(csp)
    Digital Community Manager
    ------------------------------