Foglight 7.3.0 - Security and Compliance Guide

Audit log

From the Foglight® Administration Console, users can select security and change audit logs for a specific time period and display those logs in the Audit Viewer.

The View Audit Information dashboard allows you to review these logs and to filter them to show information for a specific time span. It also lists users who have logged in to Foglight, changes to user, group or role settings, and changes made to configuration items, including rules, schedules, or registry variables.

The following information appears in each log entry in the table:

Audit log entries are stored in the Foglight database.

A subset of the Foglight methods that are audited includes:

Log files

The following information is recorded in the Foglight® log files on the Management Server:

No user names or passwords are stored in the log file. These files are stored unencrypted on the file system within the Foglight directory structure. Any system user with read privileges to these files can access the logs.

Masking sensitive input data

Foglight® masks password entries with asterisks to prevent them from being displayed. Foglight also masks agent properties that are marked as sensitive.

Uninstalling Foglight

Uninstalling Foglight® leaves certain files in the Foglight folder, and database content (schema) is not deleted. Only the internally embedded database is erased on uninstall. If required, the customer must delete the Foglight files from the file system manually.