Detailed Description
Use the HLAPI ACL API to create an Auditor user. After configuring an Auditor user, it is possible to configure a list of auditable events for the Auditor to monitor using the Access Monitor feature. The Auditor can:
• Read the secure access log.
• Set signatures on the log.
• Lock and unlock the log.
• Clear the log.
|
|
|
If Intel AMT receives a request to perform an action marked as critical and there is no room in the audit log to record the event or the audit log is locked, the request will be rejected. In certain cases, an event might be written to the audit log even though the action was not completed successfully (for example, there was a power failure before the requested action completed). Events that actually occur are always written to the log. The Auditor, and any other user with General Info permission, can read the audit log policy, the audit log status, and the audit log itself. All the other actions are available only to the Auditor. |
|
Copyright © 2006-2022, Intel Corporation. All rights reserved. |