Goverlan Auditing Services

The Goverlan Reach Server automatically receives audited events and centrally stores them in the database. Currently, only Goverlan Remote Control Session events and Windows Login/Logout events are registered.

Viewing Audit Events

Select the Auditing tab to view a snapshot of the most recent events received by the server.

The top section displays Remote Control Session events while the bottom section displays Windows Login/Logout events. To view the full list of events, click on the corresponding View Full Log link. This opens a log viewer from where you can execute searches or export data.

If Secondary Goverlan Reach Servers are implemented on one or more remote client sites, and Auditing Redirection is turned on, auditing events from these sites will also be displayed. Use the REACH Site column to define the origin of an audited event.

Auditing Settings

By default, the GRS keeps 180 days of events for each log type. However, this value can be changed in Auditing Settings.

NOTE:

  • Auditing cannot be turned off.
  • Windows login/logout events registered in the GRS are used by the Goverlan’s FastConnect feature that detects user logged-in workstations. Therefore, it is recommended to keep at least 30 days’ worth of events in the database to maintain detection accuracy.

 

Was this article helpful?

Related Articles