PUM Audit Archive Client

(click on images for higher definition view)

Audit Archive Client diagram

Organizations using Privileged User Manager ® (“PUM") will need to backup and/or archive the encrypted audit trails located on the PUM Audit Servers.  The PUM audit trails are held in a proprietary, encrypted format (using AES  encryption) and are only accessible via PUMAdmin, via PUMService, and by using the PUM Audit Export Client.   In each case only by Users who belong to a Role with the appropriate Capabilities.  This PUM Audit Archive Client also accesses the audit trails but does not decrypt them.   

The end user organization may use the PUM Audit Archive Client to archive or backup selected extracts from the audit trails.  The backups/archives are created in native tar format with the data either being written to STDOUT (where it can be piped to another utility if required) or directly to a specified file. The PUM Audit Archive Client (pumaac) is invoked at the command line.  Any of the four audit trails generated by PUM may be backed up and restored, but only the Session Logs may be archived.  This facility is useful to keep the size of the data in the Audit Trail directory to a manageable size. The Access Server, Audit Server, and Database Audit Trails do not grow to such a significant size that archiving is required.  If the selected Audit Trails have been backed up, the Audit Trail selected from the live Audit Trail data location will remain in place.  The Audit Trails will only be removed in the case of an archive.

The restore function is used to re-create the Audit Trail data from an existing pumaac Audit Trail backup file. By default, the restore function will not overwrite existing Audit Trail files.

The PUM Audit Archive Client may be used to backup any of the following audit trails:

  • Access Server Logs
  • Audit Server Logs
  • Database Logs
  • Session Logs