How does masterSAM ANALYST detects security violations in user operations and sends notifications when such events occur?
By searching through the log repository and finding the matches against user-defined rules and filter conditions of the activity profile log folders, masterSAM ANALYST can intuitively fires up or triggers email notifications to alert intended parties about security events, which could either be threats, violations or anomalies detected in user operations. Unauthorized access and illegal tampering can also be tracked with alerts to keep security and audit well informed of such activities. Alerts or notifications serves as the entry point to assist and facilitates security to perform a detailed investigation and forensic analysis of specific audit logs by means of logs download and review, capability to replay log sessions by using masterSAM LOGGER or by correlations of logs with relevant audit reports.
Related Questions
- Is it always necessary to configure the Security Manager user account in the CS-MARS database to perform events lookup?
- Does Operations Manager send notifications for alerts only or will it also send notifications for events?
- Can I directly pass on notification to the User Support Cell of my RVSM Operations approvals?
