7.10.2. Procedure – Timestamping audit trails with built-in timestamping service

Purpose: 

To add timestamps to the audit trails by using the built-in timestamping service of PSM, complete the following steps:

Steps: 

  1. Configure the timestamping interval. You have to repeat these steps for each protocol (HTTP, ICA, RDP, SSH, Telnet, and VNC) you want to configure:

    Figure 7.12. <Protocol name> Control > Global Options —Configuring local timestamping

    <Protocol name> Control > Global Options —Configuring local timestamping
    1. In the protocol control settings, navigate to Global Options > Timestamping (for example, SSH Control > Global Options > Timestamping).

    2. Select Local.

      Note

      Make sure that you leave the Timestamping policy field empty. Timestamping policy has relevance only when Timestamping is set to Remote.

    3. Set the Signing interval. You can choose any value between 10 and 100 000 seconds.

      Note

      The same interval setting applies to timestamping and signing.

    4. Click .

  2. Configure audit policies to use timestamping. You have to repeat these steps for each audit policy you want to configure:

    1. Navigate to Policies > Audit Policies and select the audit policy you will use in your connections.

      Tip

      By default, every connection uses the built-in default audit policy. Unless you use a custom audit policy, modifying the default audit policy will affect every audited channel of the connections passing through PSM.

    2. Select the Enable timestamping option.

      Figure 7.13. Policies > Audit Policies — Timestamping audit trails

      Policies > Audit Policies — Timestamping audit trails
    3. Click . PSM will automatically add timestamps to the audit trails of every connection that is audited and uses this audit policy.

      Note

      For details on how to change the certificate used for timestamping, see Section 6.8, Managing the certificates used on PSM.