Auditing of Security Events

Security-related events are logged as part of a system-wide logging facility. The following table describes security-related log categories.
Selected Security-Related Log Categories
Category
Events Captured
Audit.Authentication
Authentication events, client connection information.
Audit.Meta.Security.AccCtrlAdm
Changes to explicit controls, ACTs, application of ACTs to objects, and passwords (on objects such as Tables, Connections, and ProtectedPassthrus). Includes additions, deletions, modifications, and failed attempts to perform these actions.
Audit.Meta.Security.GrpAdm
Changes to memberships (for groups or roles). Includes adding members, removing members, and failed attempts to perform these actions.
Audit.Meta.Security.UserAdm
Changes to users, groups, roles, logins, internal accounts, and authentication domains. Includes additions, deletions, modifications, and failed attempts to perform these actions.
Audit.Meta.Updates.PublicObjects
Add, update, delete, and change management events on public objects.
For more information, see Administering Logging for SAS Servers in SAS Intelligence Platform: System Administration Guide.
Tip
For a collection of utilities to support auditing and reporting against the generated logs, search for "Audit and Performance Measurement" at support.sas.com.