Each time O&M personnel perform O&M operations in Bastionhost, a session is generated to record the O&M operations. Auditors can audit the session to check whether any unauthorized operation is performed.

Prerequisites

Flash Player is installed on your browser to play session videos.

Search for sessions

  1. Log on to the Bastionhost system. For more information, see Log on to Bastionhost.
  2. In the left-side navigation pane, click Approval > Command Approval.
  3. On the Session Audit page that appears, click any of the following tabs: All Sessions, Graphic Text, Commands, and File Transfer. On the tab, you can configure session search conditions based on the type of the sessions you want to search for.
    Session audit_search
  4. Configure search conditions.

    The following table describes the search conditions that you can configure.

    Search condition Description
    Time Specify the search time range. Valid values: All, Current Day, Current Week, and Current Month. You can also customize a time range.
    Protocol Select a protocol type from the Protocol drop-down list. Valid values: All, SSH, SFTP, and RDP.
    Host IP Address Enter the IP address of the target host in the session you want to view.
    Hostname Enter the name of the target host in the session you want to view.
    User Enter the name of the user whose session you want to view.
    Logon Name Enter the name of the account used by the user to log on to the target host.
    Source IP Address Enter the IP address used by the user to perform O&M operations.
    Session ID Enter the session ID.
    Deletion Status Select a session deletion state. Valid values:
    • All
    • Undeleted
    • Deleted
  5. Optional:Click Save. In the Save dialog box that appears, specify Filter Template and click OK to save the search conditions.
    Note After you save the search conditions as a template, you can acquire the same conditions again by selecting the template name from the Default Condition drop-down list in the upper-right corner of the session search result list.
  6. Click Search.

View session details

  1. Search for a target session. For more information, see Search for sessions.
  2. Find the target session in the session search result list.
  3. Click Details in the Actions column to view the details about this session.Session search result list
  4. In the Session Details pane that appears, you can view basic information about the session, user, and host.Session Details pane

Play session videos

  1. Search for a target session. For more information, see Search for sessions.
  2. Find the target session in the session search result list.
  3. Click Play in the Actions column to watch the session video.Session search result list