Daily Security Audit (HR dept.)

 

Description	Daily security audit
Creation date	2008-10-02 03:00:00
Period	2008-10-01 00:00:00 - 2008-10-01 23:59:59

---

 

Stats condition Object access per host (graph) Description Server x Object x User(count)
Host	Object Accessed	User (count)
		Count
File Server 1	C:\SmartOn Client\pass\nSop.dll	0
	\BalanceSheet-sample.txt	2
	\\FILESERVER1\BalanceSheet.doc	11
	\\FILESERVER1\ClientDb.xls	12
Client PC1	C:\SmartOn Client\pass\nSop.dll	3
	\BalanceSheet-sample.txt	0
	\\FILESERVER1\BalanceSheet.doc	0
	\\FILESERVER1\ClientDb.xls	5

 

 

Stats condition Object access per application Description Application x Server x Object x User
Application	Server	Object	User
			a.sato	t.tanaka
VISUACT	Client PC1	C:\SmartOn Client\pass\nSop.dll	0	0
		\BalanceSheet-sample.txt	0	0
		\\FILESERVER1\BalanceSheet.doc	0	0
		\\FILESERVER1\ClientDb.xls	2	3
	File Server 1	C:\SmartOn Client\pass\nSop.dll	0	0
		\BalanceSheet-sample.txt	1	1
		\\FILESERVER1\BalanceSheet.doc	4	7
		\\FILESERVER1\ClientDb.xls	4	8
SmartOn	Client PC1	C:\SmartOn Client\pass\nSop.dll	3	0
		\BalanceSheet-sample.txt	0	0
		\\FILESERVER1\BalanceSheet.doc	0	0
		\\FILESERVER1\ClientDb.xls	0	0
	File Server 1	C:\SmartOn Client\pass\nSop.dll	0	0
		\BalanceSheet-sample.txt	0	0
		\\FILESERVER1\BalanceSheet.doc	0	0
		\\FILESERVER1\ClientDb.xls	0	0

 

Sensor policy Potential security breach detection Description Capturing potential illegal access to sensitive data (3 or more failed connections within 1 minute on predefined ports) Entries 3
Sensor policy	Timestamp	Log message
Potential security breach detection	2008-10-01 02:13:00	2008-10-01 02:13:00 192.168.7.101 (security.alert) Illegal access on port 139
Potential security breach detection	2008-10-01 02:13:17	2008-10-01 02:13:17 192.168.7.101 (security.alert) Illegal access on port 139
Potential security breach detection	2008-10-01 02:13:45	2008-10-01 02:13:45 192.168.7.101 (security.alert) Illegal access on port 139