Audit log

Description

In compliance with cyber security requirements, Polyscope X will log all security relevant configuration changes.

The log can be used to investigate intrusion incidents and anomalies. It is automatically collected and requires admin access to view.

Logs are kept for 90 days.

 
View report

  1. Enable SSH on the robot

  2. Access the robot via ssh

  3. Generate report with the command aureport

 
View specific entries

This will filter and print log messages in human readable format. This feature can be used to inpect the logs.

 

  1. Enable SSH on the robot

  2. Access the robot via ssh

  3. See specific entries using ausearch -k <key> --format text

  4. Possible keys are:
    access_control
    request_error
    control_system
    config_change
    audit_config
    audit_rules

 
Follow the log

This will live print log messages as they happen. This feature can be used to inpect what actions are logged.

  1. Enable SSH on the robot

  2. Access the robot via ssh

  3. tail -f /var/log/audit/audit.log

Additional options

The tools aureport and ausearch are standard tools to access audit logs. More detailed information about their features can be found online.