Log Types: SnareServerLog
- Leigh Purdie (Unlicensed)
Overview
The Snare Central server generates internal logs, telling you who accessed what features of the server. Logins, objective accesses, modifications and regenerations are tracked and made available in this log category.
Collection
Collection is automatic, and is generates by the Snare Central Server
Sample Events
2020-05-13 06:54:19 V7SERVER.IA SnareServerLog 10.1.2.19 Administrator Login Page Login Success2020-01-28 15:20:10 V7SERVER.IA SnareServerLog 10.1.2.6 Administrator AgentConsole/DataRetrieval/RetrieveWindowsAccounts [Agent Management/Snare Agents/Retrieve Data/Windows Users and Groups] Access Objective Success
Fields
Field | Description |
|---|---|
DATE | Event date, in the format YYYY-MM-DD |
TIME | Event time, in the format HH:MM:SS |
SYSTEM | The source system |
TABLE | SnareServerLog |
SOURCE | The IP address or DNS name of the system that undertook the actions leading to the log message |
USERNAME |
|
RESOURCE | The resource that was accessed. This can either be a generic function (“Login Page”), or a user interface or file path to the object accessed. |
ACTION | The action that was undertaken to cause this message to be generated |
RETURN | Success or Failure |
DETAILS | Any additional details supplied with the event. |
Notes
-