- Country tracking: see where events took place and spot suspicious activity
- Download CSV: download detailed logs for auditing and security reviews
- Filtering: focus on the specific actions important to you
Raspberry Pi Connect enables secure remote access to your Raspberry Pi devices through screen sharing and remote shell capabilities, accessible from anywhere. A crucial element of organizational security is understanding when and by whom a device has been accessed via Connect; therefore, enhanced audit log functionality provides precisely that.
Understanding the Improved Audit Log Features
Connect for Organisations now boasts an improved audit log to simplify administrators’ review processes, spanning the past 90 days. Events are displayed chronologically, starting with the most recent, offering a clear view of every screen sharing session, remote shell interaction, access token creation, device additions and removals, as well as any modifications made to user roles.
Geolocating Events for Enhanced Security
To assist in identifying potentially suspicious activity, Connect now geolocates each event based on the IP address used. Notably, only the country code is stored to maintain privacy. This geolocation data is incorporated into both the web interface and the downloadable CSV export, allowing administrators to quickly determine if access originated from an unexpected location. For example, spotting a session originating from a country outside of your organization’s typical operational areas can highlight potential security concerns.
Downloading Audit Logs for Detailed Analysis
Administrators now have the ability to download a comprehensive CSV file containing the entire audit log data. This allows for more in-depth analysis using spreadsheet software of their choice. Furthermore, as an added precaution, you will be prompted to download the full audit log before deleting your organization, ensuring these valuable records are preserved.
Filtering Actions for Targeted Review
Beyond exporting data, Connect now offers filtering capabilities within the web interface itself. This allows administrators to focus on specific actions, such as ‘Screen sharing session started’ or ‘Invite accepted,’ significantly streamlining investigations when reviewing device activity. Consequently, pinpointing relevant events becomes much faster and more efficient.
Leveraging Audit Log Features for Investigations
If a team member reports unusual activity, these new audit log features can be invaluable tools. For instance, an administrator might first filter the audit log to isolate relevant actions. Subsequently, they could check if any events originated from unexpected countries and, finally, export a detailed timeline for further security team review.
Getting Started with Enhanced Audit Logs
These improved audit log features are immediately accessible to all existing Connect for Organisations users. If you’re new to Connect for Organisations, you can start a four-week free trial now and experience the benefits of secure remote access with unlimited registered devices—pricing is based on peak device usage.
Source: Read the original article here.
Discover more tech insights on ByteTrending.
Discover more from ByteTrending
Subscribe to get the latest posts sent to your email.
