Security event configuration
The security event configuration feature is part of security information and event management (SIEM) that combines security information management (SIM) and security event management (SEM). Use the Security Event Configuration landing page to configure the logging of security events so that you can diagnose system issues and demonstrate compliance to auditors.
Security events include actions performed by any requestor who accesses the application, data accesses or changes, security policies changes or security-related rules or landing pages, and so on. With the log security events you can then monitor inappropriate access to your data or system.
All security events include the following information:
- Date and time
- Application name
- Node
- IP address
- Operator ID
- Event class (authentication or authorization)
- Event type
Authorization events can also include the following information:
- The entered search string
- The class, ID, and class- of the case state:
- Open
- Unopened
- Blocked by an access policy
- Report name, class, and filter condition.
Previous topic Auditing changes to aggregate properties Next topic Selecting a security event to monitor