Centrify Audit & Monitoring Service System Management
The auditing module’s detailed, real-time auditing of privileged user sessions on Windows, UNIX, and Linux systems provides a full accounting of user activity and system access. Centrify Audit & Monitoring Service System Management is available with Centrify Audit & Monitoring Service. The audit and monitoring service audit events focus on collector service, collector settings, and agent settings.
Centrify Audit & Monitoring Service System Management audit event log sample
The following is a sample of an audit event log for Centrify Audit Event ID 42251. This log sample documents the successful start of the collector service on computer ‘MEMBER’. The change was made by user=system@nt authority on April 05, 2016 at 14:59:56.
04/05/2016 03:00:01 PM LogName=Application SourceName=
Centrify AuditTrail V2 EventCode=42251 EventType=4
Type=Information ComputerName=member.acme.vms
User=NOT_TRANSLATED Sid=S-1-5-18 SidType=0
TaskCategory=%1 OpCode=Info RecordNumber=51722
Keywords=Classic Message=Product: Centrify Suite Category:
DirectAudit System Management Event name: Start collector
service succeeded Message: Collector service was started
successfully on computer 'MEMBER'. Apr 05 14:59:56
member.acme.vms collector[1344]: INFO AUDIT_TRAIL|
Centrify Suite|DirectAudit System Management|1.0|251|Start
collector service succeeded|5|user=system@nt authority
userSid=S-1-5-18 sessionId=0 centrifyEventID=42251
DAInst=AuditingInstallation DASessID=c72252aa-e616-
44ff-a5f6-d3f53f09bb67 installation=DefaultInstallation
collector=MEMBER
Centrify Audit & Monitoring Service System Management audit events
Audit and Monitoring Service System Management Audit Events
| Centrify Event Id | Description | Parameters |
|---|---|---|
| 42251 | Start collector service succeeded | installation: Name of the installation Collector: Name of the collector computer |
| 42252 | Start collector service failed | installation: Name of the installation Collector: Name of the collector computer reason: Error message |
| 42253 | Stop collector service succeeded | installation: Name of the installation Collector: Name of the collector computer |
| 42254 | Stop collector service failed | installation: Name of the installation Collector: Name of the collector computer reason: Error message |
| 42255 | Collector settings update succeeded | installation: Name of the installation Collector: Name of the collector computer Collector setting: Name of the updated collector setting Collector setting value: Value of the updated collector setting |
| 42256 | Collector settings update failed | installation: Name of the installation Collector: Name of the collector computer Collector setting: Name of the updated collector setting Collector setting value: Value of the updated collector setting reason: Error message |
| 42257 | Start agent service succeeded | installation: Name of the installation Audited system: Name of the audited system |
| 42258 | Start agent service failed | installation: Name of the installation Audited System: Name of the audited system reason: Error message |
| 42259 | Stop agent service succeeded | installation: Name of the installation Audited system: Name of the audited system |
| 42260 | Stop agent service failed | installation: Name of the installation Audited system: Name of the audited system reason: Error message |
| 42261 | Agent settings update succeeded | installation: Name of the installation Audited system: Name of the audited system Agent setting: Name of the updated agent setting Agent setting value: Value of the updated agent setting |
| 42262 | Agent settings update failed | installation: Name of the installation Audited system: Name of the audited system Agent setting: Name of the updated agent setting Agent setting value: Value of the updated agent setting reason: Error message |
| 42263 | Start audit management service succeeded added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer |
| 42264 | Start audit management service failed added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer reason: Error message |
| 42265 | Stop audit management service succeeded added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer |
| 42266 | Stop audit management service failed added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer reason: Error message |
| 42267 | Started the collector service added in release 18.11 | installation: Name of the installation Collector: Name of the collector computer User: User name |
| 42268 | Failed to start the collector service added in release 18.11 | installation: Name of the installation Collector: Name of the collector computer User: User name reason: Error message |
| 42269 | Stopped the collector service added in release 18.11 | installation: Name of the installation Collector: Name of the collector computer User: User name |
| 42270 | Failed to stop the collector service added in release 18.11 | installation: Name of the installation Collector: Name of the collector computer User: User name reason: Error message |
| 42271 | Restarted the collector service added in release 18.11 | installation: Name of the installation Collector: Name of the collector computer User: User name |
| 42272 | Failed to restart the collector service added in release 18.11 | installation: Name of the installation Collector: Name of the collector computer User: User name reason: Error message |
| 42273 | Started the audit management service added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer User: User name |
| 42274 | Failed to start the audit management service added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer User: User name reason: Error message |
| 42275 | Stopped the audit management service added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer User: User name |
| 42276 | Failed to stop the audit management service added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer User: User name reason: Error message |
| 42277 | Restarted the audit management service added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer User: User name |
| 42278 Good | Failed to restart the audit management service added in release 18.11 | installation: Name of the installation Audit Management: Name of the audit management computer User: User name reason: Error message |