Table of items saved in audit log
No. | Operation |
| Stored action | Result |
|---|---|---|---|---|
1 | CE authentication | CE ID | 01 | OK/NG |
2 | Administrator authentication | Administrator ID | 02 | OK/NG |
3 | Set/Change Enhanced Security mode | Administrator ID | 03 | OK |
4 | Print audit log/Output all to USB memory | CE ID/Administrator ID | 04 | OK |
5 | Change/Register CE password | CE ID | 05 | OK |
6 | Change/Register administrator password | CE ID/Administrator ID | 06 | OK |
7 | Create user by administrator | User ID | 07 | OK |
8 | Change/Register user password by administrator | User ID | 08 | OK |
9 | Delete user by administrator | User ID | 09 | OK |
10 | Change user attribute by administrator | User ID | 10 | OK |
11 | Password authentication for user | User ID*1/Unregistered user ID*2 | 11 | OK/NG |
12 | Change attributes of user by user (user password, etc.) | User ID | 12 | OK |
13 | (not used) | |||
14 | (not used) | |||
15 | Access to stored job (Printing hold/HDD store job, recalling HDD store job to hold job, storing hold job on HDD) | User ID | 15 | OK |
16 | Delete store job | User ID | 16 | OK |
17 | (not used) | |||
18 | (not used) | |||
19 | Change HDD lock password | Administrator ID | 19 | OK |
20 | Date/Time Setting | User ID | 20 | OK |
**1: Audit log ID is saved as user ID when user authentication is successfully made, or when password inconformity occurs with a registered user name.
**2: Audit log ID is saved as unregistered user ID when authentication failure occurs with an unregistered user name.
The purpose of analyzing the audit log is to understand the following and implement countermeasures:
Whether or not data was accessed or tampered with
Subject of attack
Details of attack
Result of attack
For specific analysis methods, refer to the following description.