Hitachi ID Privileged Access Manager logs and can report on every disclosure of access to every privileged account. This means that the time interval during which a user was connected to a privileged account or during which a password was disclosed to a program or person is always recorded, is retained definitely and is visible in reports.
Privileged Access Manager also logs all attempts by users to search for managed systems and to connect to privileged accounts, even if login attempts were denied. This means that even denied attempts and requests to access privileged accounts are visible in reports.
Privileged Access Manager also logs auto-discovery and auto-configuration process status as well as manual changes to its own configuration. This means that the health of systems on the network can be inferred from Privileged Access Manager reports.
Exit traps can be used to forward copies of Privileged Access Manager log entries to another system (e.g., an SIEM, typically via SYSLOG) for analytics and tamper-proof archive.
All data in Privileged Access Manager is available via SQL or ODBC and accessible using standard analytical tools (Crystal Reports, Cognos, MS-Excel, SQL queries, etc). The schema is well documented and is available to all product licensees and evaluators under NDA. The current release schema documentation is about 127 pages long, and includes detailed descriptions of every field, table, relation, value constraint, etc.
Data available through Privileged Access Manager includes:
Privileged Access Manager includes a number of standard reports, executed or scheduled through the web user interface and delivered interactively or by e-mail:
Each report includes a set of search parameters that enables users (who must have the right to run reports) to fine-tune the data they retrieve.