Records of the operations performed on Systemwalker Operation Manager can be output to audit logs. Audit logs are set up so that they are output by default when Systemwalker Operation Manager is installed. Audit logs can be used to verify what operations were performed, when and where those operations were performed, and by whom.

Audit logs can be stored at an output destination on a Systemwalker Operation Manager server for a specified number of days only. Operations on clients are also recorded in audit log files on the server.

The following is a list of the main security-related operation records that are output to audit log files:

• Records of authenticated logins to Systemwalker Operation Manager

• Operations administrator and operations staff registrations

• Operations administrator and operations staff password changes

• Project additions and updates

• Service/daemon startup records

• A record of changes to definition information relating to job operations

Note that a history of job execution results is output to Jobscheduler log files (jobdb1.log/jobdb2.log/jobdb3.log). The content of these log files can be checked using the following history display windows. Refer to "Browsing Job History" in the Systemwalker Operation Manager User's Guide for more information.

• Job Net History window

• Job History window

Using audit logs provides the following security-related benefits:

• It is possible to monitor and investigate which users performed unauthorized operations.

• Regular log checks can reveal suspicious operations and access attempts (such as repeated login failures).

The information contained in audit log files can be used in a variety of fault isolation procedures because it can be used to investigate problems caused by incorrect operations as well as malicious behavior.

When Systemwalker Operation Manager is linked to Systemwalker Centric Manager, Systemwalker Centric Manager's audit log management function can be used to gather audit logs on an Operation Management Server where they can be centrally managed.

Refer to "Defining Audit Log Output" in the Systemwalker Operation Manager Installation Guide and "Analyzing Audit Logs" in the Systemwalker Operation Manager User's Guide for more information about audit log output.

Refer also to the Systemwalker Operation Manager Reference Guide for more information about the information that is output to audit log files.