Audit trail
Overview
To trace relevant activities in your Appliances (accesses, configuration modifications, starts, stops, etc), Nexthink components write to the audit log file:
/var/log/nexthink/audit.log
Find below the complete list of audit events. In the tables, the words displayed in italics in the log messages are replaced by actual values by the log system. For example, the actual username of the account that performed a particular logged action will replace the word account.
Appliance
See how to configure the system log for the Appliance to record the following events:
Logon with the SSH Nexthink account
Commands launched with super-user privileges
Web Console
Portal
Engine
The start and stop commands for the Engine that are executed from the CLI are logged in journalctl
. Use the following command to retrieve them:
sudo journalctl -u nxengine@*.service | grep systemd
RELATED TASK
Last updated