This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CMC No Logging? Really?

Anybody ever wonder why SEM has an administrative account CMC that doesn't log when it's used and you can't alert off of it? Do you run any product, let alone a security product, that doesn't log logon or logoff events either success or failure on all accounts, especially administrative accounts? After allowing all of us customers to be breached through Solarwinds Orion hasn't Solarwinds made it a priority to fix known and requested security controls and gaps as glaring as this one?

Top Replies

choerichs over 1 year ago in reply to ecklerwr1 +1 verified

Tech support did a work around conf to get CMC to log. Wasn't much for the tech to add it, though it has to be re-implemented after every upgrade. It does point to Solarwinds' culture of unconscionable…

Parents

0 sosborne99 over 1 year ago

In your WebUI create a filter on internalInfo, it will be there.

InternalInfo.EventInfo will be "The CMC script has been started.

On exit: InternalInfo.EventInfo will be: The CMC script has been terminated.

Cheers: Steve
Cancel
Vote Up 0 Vote Down

Cancel
0 choerichs over 1 year ago in reply to sosborne99

By default SEM does not log when someone successfully or fails to login with CMC. This is still the case. The administrative account CMC does not log and cannot be alerted on etc. Continues to be a very serious vulnerability and flaw in this product.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 choerichs over 1 year ago in reply to sosborne99

By default SEM does not log when someone successfully or fails to login with CMC. This is still the case. The administrative account CMC does not log and cannot be alerted on etc. Continues to be a very serious vulnerability and flaw in this product.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data