In order to meet compliance standards, many companies require auditing for password changes, whether the changes came from the users or the help desk. Self Service Password Reset provides an auditing solution that tracks specific events that occur in the system as well as actions users took. It also allows you to forward events to a Syslog server for further analysis of the information.
Self Service Password Reset allows you to enable and configure event alerts such as intruder alerts and fatal event alerts.
To configure the logging and auditing options, perform the following steps:
Log in to Self Service Password Reset at https://dns-name/sspr as an administrator.
In the toolbar, click your name.
Click Configuration Editor > Settings > Auditing > Audit Configuration.
Configure the following settings:
Select the system event types to record and act on.
Select the user audit event types to record and act on.
Specify the maximum age (in seconds) of the local audit event log. The default is 30 days.
Select Save changes.
You can forward auditing events to external systems to analyze the information.
Log in to Self Service Password Reset at https://dns-name/sspr as an administrator.
In the toolbar, click your name.
Click Configuration Editor > Settings > Auditing > Audit Configuration.
Configure the following settings:
Specify the email address where you want to send the system audit events information. You can provide multiple email addresses.
Specify the email address to which you want to send the user audit events information. You can provide multiple email addresses.
Self Service Password Reset can send events to the Syslog service. Specify Syslog audit servers information as follows:
Protocol: TCP, UDP, or TLS/SSL
Host: Host name or IP address of the computer running the Syslog service
Port: Port number where the Syslog service is listening
Import the certificates from the Java keystore to configure TLS/SSL from the Syslog service.
Select Save changes.
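The following check is an added example, not part of the product or its documentation: it sends one RFC 5424 test message over the same Protocol, Host, and Port entered above so you can confirm that the Syslog service actually receives what Self Service Password Reset will forward. The function names, the test message text, the optional CA file argument, and the use of IPv4 for UDP are assumptions of this example.

```python
import socket
import ssl
from datetime import datetime, timezone

def build_test_message(app="sspr-audit-test", text="syslog forwarding test"):
    # RFC 5424 layout: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG
    # PRI 110 = facility 13 (log audit) * 8 + severity 6 (informational)
    ts = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return f"<110>1 {ts} {socket.gethostname()} {app} - - - {text}".encode()

def send_test_event(protocol, host, port, cafile=None, timeout=5.0):
    """Send one test message to the configured Syslog target.

    protocol is "UDP", "TCP" or "TLS" (any case). Returns the bytes sent.
    """
    proto = protocol.upper()
    if proto not in ("UDP", "TCP", "TLS"):
        raise ValueError(f"unsupported protocol: {protocol}")
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"invalid port: {port}")
    msg = build_test_message()
    if proto == "UDP":
        # UDP gives no delivery confirmation: a successful send only means
        # the datagram left this host, so check the receiver's log as well.
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            return s.sendto(msg, (host, port))
    frame = msg + b"\n"  # newline-delimited framing for stream transports
    with socket.create_connection((host, port), timeout=timeout) as raw:
        if proto == "TCP":
            raw.sendall(frame)
            return len(frame)
        # TLS: the default context verifies the certificate chain and the
        # host name, so an untrusted or mismatched certificate fails here
        # instead of silently sending audit data to the wrong endpoint.
        ctx = ssl.create_default_context(cafile=cafile)
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(frame)
            return len(frame)
```

For TLS, pass the CA certificate that signed the Syslog server's certificate as cafile; an ssl.SSLCertVerificationError means the trust configuration needs fixing before audit forwarding can be relied on.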
Self Service Password Reset allows you to store the user history in different locations. Use the following settings to configure that storage.
Log in to Self Service Password Reset at https://dns-name/sspr as an administrator.
In the toolbar, click your name.
Click Configuration Editor > Settings > Auditing > User History.
Configure the following settings:
Select the data store location in which to store the user-specific audit history. The options are LDAP and Remote Database.
Select the event types to store for the user audit history.
Specify the attribute used to write a user's event history in LDAP. The user event log attribute holds an XML document with the user's event history. Leave blank to disable logging event history to LDAP.
Specify the maximum number of events to hold in the event history attribute for a user.
Select Save changes.