How We Secure: Log Management

Syslog

SurePassID Universal MFA offers full MFA audit trail and real-time monitoring via syslog.

Definition

System Logging Protocol (syslog) is a standard protocol used to send system log or event messages to a specific server, called a syslog server. Syslog is used for system management and security auditing, as well as general informational, analysis, and debugging messages. Syslog is defined in RFC 5424, The Syslog Protocol.

How SurePassID works with syslog

SurePassID Universal MFA uses Event Log Synchronization (ELS) to securely pull MFA audit trail events and store them in a syslog. ELS filters specify the MFA event types that are eligible to be pulled. The ELS application is installed on your servers and is a component of the SurePassID Local Agent.

The following MFA event types can be synchronized to a syslog:

  • Severe
  • Warning
  • Success
  • Action Required
  • Informational

The Event Log Sync Application uses https for transport security by default. If more security is needed, PKI and X.509 certificates can be used.

Event Log Synchronization Syntax
EventLogSync -ln=loginname -lp=loginpassword

where

loginname: is your SurePassID account login name
loginpassword: is you SurePassID account login password

Automate MFA Logging

Securely pull MFA audit trail events and store them in a syslog – automatically. No manual integration steps are needed.

Receive Alerts in Real-Time

Benefit from real-time information about MFA event types. Your admins can action and escalate per your security policies.

Comply with Security Audits

By integrating SurePassID with syslog, you incorporate a full audit trail of all MFA use for any given period.

Ready to experience the SurePassID difference?

Contact us and bring our MFA expertise to bear on your unique requirements. Or begin our 30-day free trial and see how easy it is to secure your universe with SurePassID Universal MFA.

Contact Us
Start Your Free Trial