/
How does the Snare Server product protect and maintain the integrity of the audit logs?
How does the Snare Server product protect and maintain the integrity of the audit logs?
- Carlos Osorio
Owned by Carlos Osorio
Nov 12, 2020
SUMMARY
Jul 06, 2015
The Snare server logs are stored on a server that has restricted access. Users don’t have access to these logs. Access is restricted to the defined admins who have console access. Access via the web UI does not allow any change access to the data on the server. Once the logs are written to disk they never change.
The Snare Server also has a MD5 checksum capability and the hashes can be downloaded to keep offline and burnt to DVD. This process helps to provide assurance that the logs have not been tampered with by an admin.
, multiple selections available,
Related content
Log Sources
Log Sources
More like this
Audit Policies
Audit Policies
More like this
Log Sources
Log Sources
More like this
General Configuration
General Configuration
More like this
Appendix A - Windows Event Output Format
Appendix A - Windows Event Output Format
More like this
Overview of the Snare Agents
Overview of the Snare Agents
More like this