Cryptographic Security Platform Vault Activity Tracking

Cryptographic Security Platform Vault tracks all activity on the system in the audit log. Users can export the audit log from the webGUI but they cannot change it in any way. For security reasons, Cryptographic Security Platform Vault tracks most of the events in the system.

For important events, Cryptographic Security Platform Vault makes an entry in the audit log and also raises an alert. Users can look at the Alert tab in the webGUI to get a quick overview of the major events that have taken place in the system. webGUI users can delete an alert from their local view, but the same alert will still be visible to other Cryptographic Security Platform Vault users who have the same Cryptographic Security Platform Vault permissions.

Cryptographic Security Platform Vault categorizes audit log messages and alerts based on both the user's administrative roles (Cloud Admin, Domain Admin, and Security Admin) and the groups to which the user belongs. When a user logs into the webGUI, they can see the audit log messages and alerts generated by their groups that correspond to the privileges associated with their account. For example:

  • If a Security Administrator logs in, they will see an alert if a user account is locked because a user exceeded the maximum number of consecutive failed login attempts. Security Administrators are not assigned to a group, so all Security Administrators see all security alerts.
  • If a Cloud Administrator logs in, they will see an alert if a new Cloud VM Set has been created in one of the Cloud VM Sets in their associated groups. They will not see an alert about Cloud VM Sets created in other groups.
  • If a Domain Administrator logs in, they will see an alert if a new Cryptographic Security Platform Vault node has been added to the cluster.
  • If someone with Security, Cloud, and Domain Admin privileges logs in, they will see all three of the alerts mentioned above.

In addition to viewing alerts in the webGUI, administrators can also receive alerts by email depending on how the system is configured. For details, see Setting Email Server Preferences.

For a list of audit log messages, see Cryptographic Security Platform Vault Audit Messages.

Related Topics