System Administrator [ID/Activity Monitoring] 2465

  • Hi,
    I am looking for some opinion on the following topics:
    1.How you monitor and make sure that ONLY System Administrators (root, Superuser etc) are accessing/logging the servers/applications/database.
    -Obviously we have ID application for end users and systems administrators,but the point is how we make sure that only System Administrators are theGBPONLY ONE who have accessed the systems with administrative access rights.
    -Here the solution comes up that we have Login log of System Administrators and monitor/check them regularly (once in 3 months) for any failures, suspicious and unauthorized logins.
    **But here the problem comes up that Login log of System Administrators for 3 months are overwhelming (huge data.).
    2. How you can monitor the activities that are performed by Root, System Administrator, or superuser ID.
    Any recommendations/suggestions would be greatly appreciated.
    Thanks in advance.

  • Ah, this is indeed an ‘old chestnut’ and has been
    This has been discussed a couple of times already on these forums including here:

  • Denis,
    Thank you for the reply 🙂 .
    I will check out the suggested links.

Log in to reply