Folks,
I recently opened a ticket to check into the audit functionality of a NCM / NPM. We are currently in the process of becoming a level 1 service provider for PCI. The funny thing is NCM, which in the hands of an disgruntled engineer, has the power to blow up your entire network in a few clicks but has not way to provide an audit trail of who did what.
We use an AD OU group for access to Orion, which since 7.0 is the same authorization used for NCM. So the very tool that I can use to build reports and audit / remediate my network devices for PCI compliance is itself, not compliant? Their has to be a better answer than this. Has anybody found a clever way around this? I had case 307742 get closed on me today with the follow;
Thank you for contacting SolarWinds Support, I was happy to assist you with answering your questions. As discussed, we do not have a way to track actual usernames of people running the configuration tasks in a report function. The most you'll be able to get is the account used on the actual device.
