Auditing

SSH Tectia Server logs events in the syslog on Unix and in the Windows Event Log on Windows. Logging (auditing) is very important for security. You should check your logs often, or use tools to analyze them. From the logs, you can see, for example, whether unauthorized access has been attempted, and take further action if needed. For example, you could set the hosts from which the attempts have been made as denied, or drop the packets from the domain completely at your firewall. The logs also provide troubleshooting information.

The log events are classified in seven levels, in decreasing order of importance:

Security failure (Windows only): A user tried to log on but failed.
Security success (Windows only): A user logged successfully on.
Critical (Unix only): A critical problem has occurred. By default, this is not used by SSH Tectia Server.
Error: A serious problem has occurred, preventing the intended operation from completing successfully.
Warning: A problem has occurred, but the operation can continue.
Notice (Unix only): An action has been done.
Informational: Extra troubleshooting information.