Preventing unauthorized access and protecting data inventories is only one aspect of security. Complete documentation of the access checks and the file transfer requests also puts you in a position to check your security network at any time and detect any leak. The logging function of openFT is the most suitable tool for doing this. It is activated by default and logs all information relating to file transfer requests, irrespective of whether the request was initiated in the local or the remote system and whether the transfer was successful or not. The log records are written to the corresponding file. The scope of logging can be set as appropriate.
The logging function also serves as a basis for detecting break-in attempts. In addition, it may be used to obtain and evaluate performance data (see also the section "Automated further processing of openFT data").
Log records
If your local system is protected by FTAC, FTAC first checks all accesses to your system and logs the result in an FTAC log record. If the access check is negative, FTAC rejects the request at that point. If the access check is positive, the following applies:
In the case of a file transfer request (and if the request materializes), an FT log record is subsequently written indicating whether the request was executed successfully or why it was cancelled. This means that there can be two log records for one transfer request.
In the case of a remote administration request, an ADM log record is written indicating whether the request was executed successfully or why it was cancelled.
You may display log records relating to your login name at any time. Log records of other login names can only be viewed by the administrator.
The administrator can define the scope of logging separately for FT, FTAC and ADM logging and for directory transfer logging. FT, ADM and directory transfer logging can be fully disabled. Although FTAC logging can also be restricted, rejected FTAC access checks are always logged.
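The record model described in this section, as an added example that is not part of the openFT documentation: it pairs the FTAC and FT/ADM records of each request and counts rejected FTAC access checks per partner as a basis for spotting break-in attempts. The semicolon-separated layout, the `request_id` field linking the records, and the reason values are constructed assumptions, not openFT's actual log output.

```python
import csv
import io
from collections import Counter, defaultdict

# Constructed sample records. Column layout, request_id linkage and reason
# values are simplified assumptions, not openFT's real output format;
# "0000" is assumed to mean success / positive access check.
SAMPLE_LOG = """\
request_id;rec_type;reason;partner;user
101;FTAC;0000;hostA;alice
101;FT;0000;hostA;alice
102;FTAC;3003;hostB;root
103;FTAC;3003;hostB;admin
104;FTAC;0000;hostA;bob
104;FT;2072;hostA;bob
105;FTAC;3003;hostB;oracle
107;FTAC;0000;hostA;carol
"""
OK = "0000"


def classify_requests(text):
    """Pair the FTAC and FT/ADM records of each request and name its outcome."""
    by_request = defaultdict(dict)
    for row in csv.DictReader(io.StringIO(text), delimiter=";"):
        by_request[row["request_id"]][row["rec_type"]] = row
    outcomes = {}
    for req_id, recs in by_request.items():
        ftac = recs.get("FTAC")
        result = recs.get("FT") or recs.get("ADM")
        if ftac and ftac["reason"] != OK:
            outcomes[req_id] = "rejected_by_ftac"  # no FT/ADM record follows
        elif result is None:
            outcomes[req_id] = "no_result_record"  # request did not materialize
        elif result["reason"] == OK:
            outcomes[req_id] = "completed"
        else:
            outcomes[req_id] = "cancelled"
    return outcomes


def suspicious_partners(text, threshold=3):
    """Return partners with at least `threshold` rejected FTAC access checks."""
    rows = csv.DictReader(io.StringIO(text), delimiter=";")
    rejected = Counter(row["partner"] for row in rows
                       if row["rec_type"] == "FTAC" and row["reason"] != OK)
    return {p: n for p, n in rejected.items() if n >= threshold}
```

Because rejected FTAC access checks are always logged, the per-partner rejection count stays meaningful even when the scope of FTAC logging has been restricted.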
Offline logging
The FT administrator can switch the log file during system operation. Following the switchover, new log records are written to a new log file. The previous log file remains available as an offline log file. You can continue to view the log records for your user ID using the tools available in openFT.
Logging requests with preprocessing / postprocessing
For security reasons, only the first 32 characters (or 42 characters for ftexecsv preprocessing on Unix systems or Windows systems) of a preprocessing or postprocessing command are recorded in the log record.
Saving and deleting log records
Only the FT administrator, the FTAC administrator and the ADM administrator are permitted to delete a log record or log file. Log records should be saved at regular intervals (ideally using a cyclical job). When doing so, the output of the corresponding command should be saved, not the active log file itself. Switching the log file makes it possible to save the current log records in an offline log file. This offline log file can then be backed up by the FT administrator.
The benefit of this is, first, that the log records provide a complete record of FT operations which can be maintained for long periods, and second, that the log file does not grow unnecessarily large, which saves CPU time when accessing the records.