Solarwinds does not save an audit event when someone changes permissions for an account. Solarwinds should audit permissions changes for several reasons:
- Good security practice - if permissions are changed, we want to know when it happened, and who made the change
- Easier recovery - if an inappropriate change is made, we can look at the audit history to see what the old permissions were, and change the permissions back
- Troubleshooting - if an end user says their view of Solarwinds has suddenly changed, we can look at the audit history to see if it's a permissions change versus someone deleting nodes.
These are my reasons for requesting this feature. If other users can think of additional reasons that this would be useful, please comment!
Top Comments