Do you want to keep track of whos really doing what on your Linux and Unix servers? Then check out Centrify Corp.s new DirectAudit. DirectAudit improves upon earlier products that provide comprehensive auditing, logging, and real-time monitoring tools for Unix/Linux servers, according to the company.
Centrify Is best known for its AD (Active Directory)-based DirectControl program, which enables network administrators to use AD for authentication, authorization, and Group Policy on Linux and Unix systems. DirectAudit further allows administrators to capture an entire user session by recording keystrokes and session output, and archiving the audit trail to a searchable SQL database. While you dont need both programs to get the benefits of DirectAudit, the programs do work well in combination. Together, you can use the programs to watch user activity on individual computers and on important servers.
According to Centrify, administrators, auditors, and IT managers can use the DirectAudit console not only to play back and report on session activity, but also to view which users accessed what systems, what commands were executed, and what changes were made to key files and data. They can get real-time views of current sessions that can be played back as if videotaped, complete with fast-forward and rewind controls. Summary reporting is available as well as full-text search capabilities.
According to Centrify CEO Tom Kemp, “DirectAudit is a great tool for administrators to perform in-depth troubleshooting of user activity [that can cause] system failures.” For example, if a system administrator makes a change that results in problems, IT management can reconstruct exactly what went wrong. Agent data is stored in a compressed, encrypted format, Kemp says.