26
26.4
Analyze audit log
Audit logs need to be analyzed by the administrator regularly (once per
month) or when unauthorized access and tampering of data saved in the ma-
chine in Enhanced Security mode is noticed.
The machine is supposed to store up to 750 logs per month.
If more than 750 logs are assumed to be stored in a month, carry out the
analysis in a shorter period before the unanalyzed logs reach that number.
Audit Log Information
The audit log contains the following information.
- date/time: date and time when an operation was made that results in the
creation of a log entry.
- id: the person who made the operation or who is subject to security pro-
tection can be specified.
"-1": Operation by CE (service representative).
"-2": Operation by the administrator.
"-3": Operation by the unregistered user.
Other integer: Indicates subjects for security protection, and the follow-
ing action IDs narrow down the subject for protection.
User ID (1 to 1000 numerical symbols)
Secure User ID (1 to 99999 numerical symbols)
- action: Used to specify the operation.
Check details of operation that action indicates in the following table.
- result: Result of an operation.
For password authentication, success or failure will be indicated as OK
and NG.
For operations without password authentication, all log entries will be in-
dicated as OK.
26-18
Administrator Security Functions
bizhub PRO 920