Halochain is a powerful feature that scrutinizes audit log files such as HaloENGINE_Monitor.log and HaloENGINE_Admin_Activities.log for any manipulation.
Prerequisites:
-
Make sure that you have enabled Halochain in Monitor Properties.
-
It is recommended to enable the Halochain feature during the initial configuration of the HaloENGINE. This is because Halochain is designed to work with a fresh
HaloENGINE_Monitor.logfile. In case, you enable it at a later stage, you need to back up theHaloENGINE_Monitor.logfile and then delete or empty the log file to start the validation.
Follow the below procedure to validate the audit log file:
-
On the left navigation bar, click Customer Configuration, and then from the Customers list, select one of them.
-
On the Monitor Log Validation tab, click Configure.
-
The Monitor Local Log Validation page will appear:
Monitor log validation
-
Click Validate Logs.
Results:
-
You will receive the message “The log file has been validated and no manipulated entries found.”, if no manipulation is identified,
-
If manipulation is detected, you will obtain the following output:
Halochain output
-