Additional design element
Venkat,
Auditing client usage, server logging, and the analysis scripts all look great.
We should also collect all the relevant logs in the central xci-metrics.xsede.org. I propose these additions to this design:
Venkat,
Auditing client usage, server logging, and the analysis scripts all look great.
We should also collect all the relevant logs in the central xci-metrics.xsede.org. I propose these additions to this design:
I'm not sure if this fits within the scope of the project but it may be useful from a security standpoint to compile a list or count of unique IP addresses on a per user basis as well. This could help in identify potentially compromised accounts.
Jason
Hey Galen,
I hear you’ll have some iron-man capabilities you can use starting tomorrow. I can’t wait to see them!
Victor, JP and Shava,
I am currently specifying auditd in the design doc for gathering gsissh invocations along with the arguments to capture info on GSISSH services being accessed from the Hub.