Each time O&M personnel perform O&M operations in Bastionhost, a session is generated to record the O&M operations. Auditors can audit the session to check whether an unauthorized operation is performed.

Prerequisites

Flash Player is installed on your browser to play session videos.

Search for sessions

  1. Log on to your bastion host. For more information, see Log on to a bastion host.
  2. In the left-side navigation pane, choose Audit > Session Audit.
  3. On the Session Audit page, click the All Sessions, Graphic Text, Commands, or File Transfer tab.
    Session audit_search
  4. Configure search conditions.

    The following table describes the search conditions that you can configure.

    Search condition Description
    Time Specify the search time range. Valid values: All, Current Day, Current Week, and Current Month. You can also specify a custom time range.
    Protocol Select a protocol type from the Protocol drop-down list. Valid values: All, SSH, SFTP, and RDP.
    Host IP Address Enter the IP address of the specific host in the session that you want to view.
    Hostname Enter the name of the specific host in the session that you want to view.
    User Enter the name of the user whose session you want to view.
    Logon Name Enter the name of the account that is used by the user to log on to the specific host.
    Source IP Address Enter the IP address that is used by the user to perform O&M operations.
    Session ID Enter the session ID.
    Session Status Select the status of the session. Valid values:
    • Normal
    • Deleted
    • Unsaved
  5. Optional:Click Save. In the Save dialog box, configure Filter Template and click OK to save the search conditions.
    Note After you save the search conditions as a template, you can acquire the same conditions again when you select the template name from the Default Condition drop-down list in the upper-right corner of the session search result list.
  6. Click Search.

View session details

  1. Search for a specific session. For more information, see Search for sessions.
  2. Find the specific session and click Details in the Actions column. Session search result list
  3. In the Session Details panel, view the basic information about the session, user, and host. Session Details

Play session videos

  1. Search for a specific session. For more information, see Search for sessions.
  2. Find the specific session and click Play in the Actions column.
    Session search result list