Fortanix Data Security Manager - Sysadmin Settings - Transient Audit Logging

1.0 Introduction

This article describes how to enable transient audit logging for an account in Fortanix Data Security Manager (DSM).

Transient audit logging allows DSM to record audit events and usage metrics for operations performed using transient keys. This feature is configurable at the account-level and is supported in Fortanix DSM on-premises deployments.  

2.0 Configure Transient Audit Logging for an Account

Transient audit logging is disabled by default. It must be explicitly enabled for each account where auditing of transient key operations is required.

NOTE

• Audit events are recorded only after this setting is enabled.

• Previously executed transient key operations are not retroactively logged.

• The configuration applies at the individual account level.

Perform the following steps to configure transient audit logging for an account:

1. Navigate to the System Administration → Accounts menu item.

2. Select the account for which you want to configure transient audit logging.

3. Scroll to the end of the screen and in the Account Plan section, select the Transient audit logging check box.

4. Click SAVE CHANGES to apply the configuration.

   

After the setting is enabled, subsequent transient key operations are recorded in the Audit Logs. These logs can be used by administrators to review activity and monitor transient key usage.