Audit Logging. Vendor shall: Ensure that the following system events are recorded to one or more audit logs in real time: All logins (including standard user, admin user, and service accounts); Account administration: account create, delete, modify permissions, change password, etc.; and Supervisor/Administrator changes to system parameters including security settings and audit logging parameters. Ensure that each audit log event shall comprise at least the following information: Date; Time, down to resolution of at least one second; IP and/or username; Activity description; and Success or failure. Retain audit logs for at least one year. Make the audit logs available to the Customer via an automated process e.g. export from an admin dashboard, syslog, sftp, Splunk forwarder, etc.
Appears in 5 contracts
Samples: www.tamucc.edu, adminservices.tamucc.edu, adminservices.tamucc.edu
