Role-based Auditing of Session Activity

Your administrator may install the Verify Privilege Server Suite Agent with or without auditing features. Depending on whether auditing features are activated on your computer and whether your role requires auditing or not, your session activity might be captured and stored in a database. You can check whether session-level or desktop auditing is requested or required for the roles you are assigned by running the dzinfo command. You are notified that your session activity might be audited only if the administrator has enabled notification. If auditing is required for your role, but the auditing service is not available on computer you attempt to use, you will be denied access to that computer until auditing is available.

If your administrator has configured the Verify Privilege Server Suite Agent to audit your session when you log in, everything you do on your terminal is captured, including all of your keystrokes and anything displayed on your screen. If your administrator has configured auditing on a per-command basis, auditing only begins when you use a privileged dzdo command, and ends when you are finished running those privileged commands.

If your administrator has configured desktop auditing, everything you do in the Linux graphical user interface is captured. Note that for web browser activity, desktop auditing captures the web page title but not the contents or activity within a web page.