- Capture searches that users are undertaking
- Be notified of security events by accessing TRIM’s audit events as Windows events
Did you know?
iCognition is helping Australian security organisations manage and track access to sensitive records in TRIM…
- Overview
- Search Monitor
- Audit Capture
Need a simple and easy way to allow users to setup security on records? iCognition are experts in designing and developing custom interfaces for security conscious organisations.
Overview of Diem Security
Diem Security is a number of products that assist organisations to manage their TRIM corporate information environment to high security levels. This includes Diem Audit Capture and Diem Search Monitor.
Diem Search Monitor
Diem Search Monitor monitors searches that users are conducting across your TRIM solution. Diem Search Monitor capture searches being conducted by users periodically (e.g. every 5 minutes) and passes these to the Windows Event Log to allow your system administrator to interrogate and analyse the data.
Audit Capture Adapter
Security conscious clients have a requirement to capture the TRIM Audit Logs into a format more useful for monitoring events. Currently event logs in TRIM are written to a text log and are not easily visible to administrators. Therefore any potential unauthorized access to secure information within TRIM is not being easily monitored. Diem Audit capture enables TRIM Audit Logs to be converted into Event Logs, therefore enabling administrators to report on any potential security breaches. These event logs can also be captured by advanced auditing software such SNARE (System iNtrusion Analysis and Reporting Environment) to facilitate centralised analysis of audit log data.
Diem Search Monitor
Description
Diem Search Monitor monitors searches that users are conducting. Diem Search Monitor trawls through the HP TRIM WorkGroup Server logs to capture searches being conducted by users periodically (e.g. every 5 minutes). Data is captured to the Windows Event Log to allow system administrators to interrogate and analyse the data.
Search Monitor Windows Event Log
Functionality
The search data captured is in the following format:
filename |atline |utctime |localtime |dbid |machinename |user |search.
Text examples of data, when written to the Windows Event Log, are:
TRIMWorkgroup2010_11_4.log|76|4/11/2010 4:12:18 AM|4/11/2010 3:12:18 PM|46| cbrvpxtrim01.exchange.local |Administrator|This is a temp saved search
TRIMWorkgroup2010_11_4.log|85|4/11/2010 4:12:22 AM|4/11/2010 3:12:22 PM|46| cbrvpxtrim01.exchange.local |Administrator|Records - Records Due For Action 'G10/44'
TRIMWorkgroup2010_11_4.log|86|4/11/2010 4:12:23 AM|4/11/2010 3:12:23 PM|46| cbrvpxtrim01.exchange.local |Administrator|Records - Records In-Tray or Records Due For Action
TRIMWorkgroup2010_11_4.log|89|4/11/2010 4:12:26 AM|4/11/2010 3:12:26 PM|46| cbrvpxtrim01.exchange.local |Administrator|Records - Checked Out By You
Technical
Diem Search Monitor runs on the HP TRIM Workgroup Servers. It requires:
- HP TRIM 6.1, 6.2 or above client installed on the machine
- Microsoft.Net Framework2.0 installed
Diem Audit Capture Adapter
Description
Security conscious clients have a requirement to capture the TRIM Audit Logs into a format more useful for monitoring events. Currently event logs in TRIM are written to a text log and are not easily visible to administrators. Therefore any potential unauthorized access to secure information within TRIM is not being easily monitored.
iCognition has developed a solution which enables TRIM Audit Logs to be converted into Windows Event Logs, therefore enabling administrators to report on any potential security breaches. These event logs can also be captured by advanced auditing software such SNARE (System iNtrusion Analysis and Reporting Environment) to facilitate centralised analysis of audit log data.
Diem AuditCapture Adapters
Functionality
iCognition’s Diem Audit Capture is designed to work in conjunction with the TRIM Event Processor in creating easily read audit information in standard Microsoft Windows Event Log system. TRIM add-on is designed to assist in the near real-time collection of Auditing information for monitoring purposes. By doing so, each Audit log entry becomes its own Windows Event Log entry that can be easily read and/or used further by applications that already use the Event Log to monitor a server’s activity.
Technical
The installation of the Diem Audit Capture consists of a software installation and the configuration of the TRIM Event Processor. This software is only required to be installed on the TRIM system dealing with Audit Log processing.
