Top

Audit and Reports

1. Audit

   1.1 View Audit Records
   1.2 Classified Audit Records in Respective Pages

2. Reports

    2.1 View Reports
          2.1.1 SSH Reports
          2.1.2 SSL Reports
          2.1.3 Common Reports

    2.2 Export Reports

    2.3 Select Reporting Period

    2.4 Create Scheduled Tasks for Automatic Report Generation

 

1. Audit

Key Manager Plus comes with an efficient auditing mechanism, which records all activities performed in the product. The audit trails capture information on 'who' performed 'what' operation and 'when'. Only the administrators in Key Manager Plus can view the audit records pertaining to all users. The operators can only view the records pertaining to them.

 

1.1 View Audit Records

You can view the audit records in Audit tab of the GUI. You can apply filters and selectively view the required records. Click the Search icon present in the right hand corner of the audit table to apply filters.

Audit trails have been classified into the following categories:

Playback Remote Terminal Access

When users launch remote access to SSH terminals, Key Manager Plus captures the operations performed and commands used. Key Manager Plus administrators can playback the sessions and view them for forensic analysis. Such direct terminal connections are classified as "Terminal" in the operation type of audit records.

To playback the terminal access:

  1. Navigate to the Audit tab in the GUI.
  2. Click the Terminal link under the operation type.

The recorded SSH session opens in a new window.

 

1.2 Classified Audit Records in Respective Pages

 

2. Reports

Key Manager Plus presents the information on the entire SSH key and SSL certificate management process in your enterprise in the form of comprehensive reports. The status and summaries of the different activities such as public key deployment, private key rotation, access to servers, list of all SSH users and their key association,list of SSL certificate, SSL validity, etc. are provided in the form of tables and graphs, which assist the IT administrators to make a well-informed decisions on SSH key and SSL certificate management.

 

2.1 View Reports

You can view the reports from the Reports tab in the GUI. Key Manager Plus provides the following reports:

 

2.1.1 SSH Reports

  1. SSH Resource Report – View a detailed report of the SSH resources discovered using Key Manager Plus.
  2. Private Key Report – View a detailed report of the SSH keys generated or imported via Key Manager Plus.
  3. Private Key Rotation Report – View a detailed report of the SSH key rotations executed using Key Manager Plus.
  4. Public Key Deployment Report – View a detailed report of SSH keys that are deployed in the target systems.
  5. Server Access Report – View the information on 'who' accessed 'what' servers using Key Manager Plus.
  6. SSH Users Report – View the list of SSH users enumerated from the discovered resources.
  7. Landing Servers Report – View a list of landing servers configured in Key Manager Plus along with information such as primary and secondary server IP address, user account details and configuration time.
  8.  
 

2.1.2 SSL Reports

  1. SSL certificate report – View a detailed list of all SSL certificates imported, discovered, and created using Key Manager Plus.
  2. SSL request report – View a detailed report on all the certificate requests raised from Key Manager Plus.
  3. SSL expiry report – You can directly apply an expiry filter when selecting this report. A detailed report of the certificates with expiry information relevant to your selection, are displayed.
  4. Wildcard SSL certificates report - This report provides a detailed view of the wildcard SSL certificates in use and also the servers in which the certificates are deployed.
  5. Deployed servers report – This report provides a detailed view of those certificates that are deployed in more than one server.
  6. AD User Certificates report – View a detailed list of all the certificates mapped to user accounts in Active Directory.
  7. SHA-1 certificates report – This report provides a detailed view of all the SHA-1 certificates deployed in the organization.
  8. Deployment report – This report provides information on the certificates deployed through Key Manager Plus.
  9. Let's Encrypt report – Details on the status of certificate requests submitted to Let's Encrypt CA.
  10. Let's Encrypt certificates report – This report is a subset of SSL certificate report, that provides a detailed view of certificates procured from Let's Encrypt CA.
  11. SSL Vulnerability report – This report provides detailed information on vulnerability scan performed on SSL certificates stored in Key Manager Plus repository.
  12. Certificate Renewal report – This report provides details on attempted / successful auto-renewals of certificates issued by Local CA, certificates issued/renewed from third-party CA, Certificates issued by MSCA using agent and self-signed certificate renewal, invoked from Key Manager Plus.
  13. Certificate Sign report – This report provides a detailed list of certificates that are signed—either using Microsoft Certificate Authority or based on a root certificate—from Key Manager Plus. 
  14. GlobalSign Orders report – This report is a subset of SSL certificate report; it provides a detailed view of certificate orders requested from GlobalSign CA. Use the Date Filter to view orders within a particular time period. The contents of this report can be exported in the PDF, CSV formats or sent as an Email to the specified recipients.
 

2.1.3 Common Reports

  1. All Keys report – View a detailed report of all the SSH private keys, digital keys, and SSL certificates available in the Key Manager Plus repository.
  2. Audit Report – View the list of all audit trails generated in the product.
  3. Key Store Report – View a detailed report of all the digital keys stored in the Key Manager Plus Key Store.
  4. PGP Keys Report – View a detailed report of all the PGP keys stored and managed in the Key Manager Plus Key Store.
 

2.2 Export Reports

You can export the reports generated in Key Manager Plus as a CSV or PDF and also email the reports.

To export a report:

  1. Select any report from those enumerated in the Reports tab in the GUI.
  2. Click the Export button in the top-right corner of the window.
  3. Select any of the options from the drop-down list.
    • PDF – Export the report as a PDF file to the system.
    • CSV – Export the report as a CSV file to the system.
    • Email – Export the report via mail. Specify the email addresses of the users you wish to provide the reports.
 

2.3 Select Reporting Period

You can apply date filters and generate reports for a specified time period alone. To filter the reports by date:

  1. Select any report (except SSH users report) from those enumerated in the Reports tab in the GUI.
  2. Click the Date filter in the top-right corner of the window.
  3. Specify the from and to date of the time period within which you wish to view reports.
  4. Click the Save button.

Note : Use the Export feature with the Date Filter applied to export the data only reported within the time period specified.

 

2.4 Create Scheduled Tasks for Automatic Report Generation

You can create scheduled tasks for generating reports automatically. The reports will also be emailed to you or to any number of recipients as required.

To schedule report generation:

  1. Click the Schedule tab in the GUI.
  2. Click the Add Schedule button.
  3. In the Add Schedule window, enter a name for the schedule and select the type of schedule as Report.
  4. Select the report type. All the reports selected here will be sent via email.
  5. Specify the periodicity for report generation - hourly, daily, weekly, monthly or once only. Specify when you want to start the report generation operation. Set the starting time, date, or day corresponding to the option chosen.
  6. Enter the email addresses of the users you wish to provide the report.
  7. Click the Save button.

You will get a message confirming addition of a new schedule.