When Bastionhost users log on to Bastionhost in SSH, RDP, or SFTP mode and perform O&M operations on hosts on which the users have permissions, administrators can choose to view the details about the O&M sessions. This topic describes how to query and audit O&M operations and interrupt high-risk sessions in a bastion host. This topic is intended for the administrators.
Search for sessions
- On the Real-Time Monitoring page that appears, configure search conditions.
The following table describes the search conditions that you can configure.
Search condition Description Protocol Select a protocol type from the Protocol drop-down list. Valid values: All, SSH, SFTP, and RDP. Host IP Address Enter the IP address of the target host in the session you want to view. Hostname Enter the name of the target host in the session you want to view. User Enter the name of the user whose session you want to view. Logon Name Enter the name of the account used by the user to log on to the target host. Source IP Address Enter the IP address used by the user to perform O&M operations. Session ID Enter the session ID.
Interrupt sessions on the Real-Time Monitoring page
- On the Real-Time Monitoring page that appears, select one or more sessions that you
want to interrupt.
