Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

What stops a Service-now admin with privileged access from tampering with the logs?

admin logs Privileged service-now Stops tampering
0
Posted

What stops a Service-now admin with privileged access from tampering with the logs?

0 CommentsAdd a Comment

1 Answer

0

• The product keeps two sets of logs. One is visible within the instance as the “system log”. An administrative user can, in theory, manipulate this log although the security manager can be configured to make such tampering extremely difficult. A second log exists on the file system of the application server and cannot be manipulated directly from within the App server. In the event of a forensic situation wherein an administrator has deliberately tampered with the application’s own internal auditing and logging capabilities, the file system based log can be used to reconstruct a user’s transactional history.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.