How to Set Up and Use VCM Auditing
The VCM Auditing capability tracks all changes in the security aspects of VCM. Security-related events are
written to the Windows Event Log, which is stored on the Collector, independent of the VCM application.
The format of the event log prohibits any modifications to the recorded entries, making it a secure,
tamper-proof auditing record of changes in security.
When a user performs an action in VCM that affects security, and the auditing setting that corresponds to
that change is enabled, the event is written to the event log. Examples of VCM user actions that cause
events to be written to the event log include user logon/logoff, session timeouts, changes in managing
users, changes to passwords and administration settings, changes in network accounts and authority,
collection requests, and service and registry changes.
NOTE Auditing settings can be enabled or disabled only by users who are assigned and logged in with
the Admin role.
1. To view the VCM Auditing settings, navigate to the Administration slider. Select Settings > General
Settings > Auditing.
2. To change an auditing setting, highlight a setting and then click Edit Setting. When a user changes an
auditing setting, the VCM Auditing data grid displays the user’s name in the Last Modified By column.
For details about the Auditing settings, and viewing the Windows Event Log, see the Administration:
Auditing Settings topic in the online Help.
Getting Started with VCM
VMware, Inc. 131
Commentaires sur ces manuels