Home SecurityTable of items saved in audit log

Table of items saved in audit log

User authentication and identification

Stored action

Operation

Audit ID

Result

1

Execute CE authentication

CE ID

OK/NG

5

Change or register CE password

CE ID

OK

2

Execute administrator authentication

Administrator ID

OK/NG

6

Change or register administrator password

CE ID/Administrator ID

OK

11

Execute user authentication

User ID / Unregistered ID

OK/NG

User alteration

Stored action

Operation

Audit ID

Result

7

Create user by administrator

User ID

OK

8

Change/Register user password by administrator

User ID

OK

9

Delete user by administrator

User ID

OK

10

Change user attribute by administrator

User ID

OK

12

Change the user attributes according to the user

(change the user password, etc.)

User ID

OK

Use of management functions and change of security setting

Stored action

Operation

Audit ID

Result

3

Set/Change Enhanced Security mode

Administrator ID OK/NG

19

Change HDD lock password

Administrator ID OK

41

Change password rules setting

Administrator ID OK

42

Change network setting

Administrator ID OK

43

Change the service login allow setting

Administrator ID OK

Usage of management functions and security audit

Stored action

Operation

Audit ID

Result

4

Audit log output (Manual and automatic modes)

Administrator ID OK/err No

44

Change the audit log transmission address setting

Administrator ID OK

Use of management functions and encryption support

Stored action

Operation

Audit ID

Result

45

Start the HDD encryption function

CE ID / Administrator ID OK/NG

46

Change the HDD encryption setting

Administrator ID / Unregistered ID OK/NG

47

Change the HDD encryption password

Administrator ID / Unregistered ID OK/NG

Usage of management functions and protection of security function operating environment

Stored action

Operation

Audit ID

Result

49

Execute ISW

CE ID / Administrator ID OK/NG

50

Firmware diagnosis

Administrator ID / Unregistered ID OK/NG

51

Device diagnosis

Administrator ID / Unregistered ID OK/NG

Time change (Use of management functions and protection of security function operating environment)

Stored action

Operation

Audit ID

Result

20

Date/time setting

User ID OK

Start and exit of audit function

Stored action

Operation

Audit ID

Result

52

Power-on (Start of audit function)

Unregistered ID OK

53

Power-off (Exit of audit function) * Sub power

Unregistered ID OK

54

Power-off (Exit of audit function) * Main power

Unregistered ID OK

End of job and job operations

Stored action

Operation

Audit ID

Result

16

Delete store job

User ID OK

21

Print copy job

User ID / Unregistered ID OK/NG

22

Store copy job

User ID / Unregistered ID OK/NG

23

Print print job

User ID / Unregistered ID OK/NG

24

Store print job

User ID / Unregistered ID OK/NG

25

Execute scan job

User ID / Unregistered ID OK/NG

26

Print store job

User ID / Unregistered ID OK/NG

27

Change or restore store job (move or copy)

User ID / Unregistered ID OK/NG

28

Recall store job

User ID / Unregistered ID OK/NG

29

Output store job file

User ID / Unregistered ID OK/NG

The purpose of analyzing the audit log is to understand the following and implement countermeasures:

  • Whether or not data was accessed or tampered with

  • Subject of attack

  • Details of attack

  • Result of attack

For specific analysis methods, refer to the following description.