Administration Guide

Secret audit

Secret Audit displays a list of secret audit reports.

Secret audit reports help management understand how permissions are distributed across each secret in the system, so that when users change, permission additions and deletions can be identified accurately and quickly. They also give auditors a global view of the distribution of permissions of each user and the apparent ownership of each key.

A secret audit report contains the following information about each secret:

  • target server

  • user account accessing the secret

  • folder where the secret resides

  • secret name

  • user/user group with access to the secret

  • secret access permission level for the user accessing the secret

For each report entry, the report name and the date when the report was generated are displayed.

The report name uses the following naming convention:

SecretAccessAuditReport-YYYY-MM-DD-HHMMSS.csv

The Secret Audit tab includes the following options:

Generate Report

Select Generate Report to generate a new secret audit report.

Search

Enter a search term in the search field, then press Enter to search the reports list. To narrow down your search, see Column filter.

Refresh

To refresh the contents, click the refresh icon.

The following options are available for each generated report:

View

Select to view the selected report.

When viewed from within FortiPAM, a secret audit report looks like the following:

Download

Select to export the selected report to your computer as a CSV file.

Delete

Select to delete the selected reports.

CLI configuration to generate secret audit report example

  1. In the CLI console, enter the following command:
     execute audit secret-access
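Downloaded reports can be compared offline to see which permissions were added, removed or changed between two audits. The following Python sketch is an added example, not part of FortiPAM or this guide: it orders reports by the timestamp in the documented file name and diffs the two newest. The column headers (`Folder`, `Secret`, `User/Group`, `Permission`) and the sample rows are assumptions; adjust them to match a real export.

```python
import csv
import io
import re
from datetime import datetime

# Naming convention from the guide: SecretAccessAuditReport-YYYY-MM-DD-HHMMSS.csv
NAME_RE = re.compile(r"^SecretAccessAuditReport-(\d{4}-\d{2}-\d{2}-\d{6})\.csv$")
# Assumed column headers (the guide does not list them); adjust to a real export.
KEY_COLS = ("Folder", "Secret", "User/Group")
PERM_COL = "Permission"


def report_time(filename):
    """Return the generation time encoded in a report name, or None if it does not match."""
    m = NAME_RE.match(filename)
    try:
        return datetime.strptime(m.group(1), "%Y-%m-%d-%H%M%S") if m else None
    except ValueError:  # digits matched the pattern but are not a real date, e.g. month 13
        return None


def load_grants(csv_text):
    """Map (folder, secret, user or group) -> permission level."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {tuple(r[c].strip() for c in KEY_COLS): r[PERM_COL].strip() for r in rows}


def diff_reports(reports):
    """reports: {filename: csv_text}. Diff the two newest reports by file-name timestamp."""
    dated = sorted((report_time(n), n) for n in reports if report_time(n))
    if len(dated) < 2:
        raise ValueError("need two reports that follow the naming convention")
    old, new = (load_grants(reports[n]) for _, n in dated[-2:])
    return {
        "added": sorted(k + (new[k],) for k in new.keys() - old.keys()),
        "removed": sorted(k + (old[k],) for k in old.keys() - new.keys()),
        "changed": sorted(k + (old[k], new[k]) for k in new.keys() & old.keys() if old[k] != new[k]),
    }


# Constructed sample exports (not real FortiPAM output).
HDR = "Folder,Secret,User/Group,Permission\n"
SAMPLE = {
    "SecretAccessAuditReport-2024-01-05-090000.csv": HDR + "Linux,db01-root,alice,Owner\nLinux,db01-root,ops,Viewer\n",
    "SecretAccessAuditReport-2024-02-05-090000.csv": HDR + "Linux,db01-root,alice,Owner\nLinux,db01-root,ops,Editor\nLinux,db01-root,bob,Viewer\n",
}

if __name__ == "__main__":
    print(diff_reports(SAMPLE))
```

Files whose names do not follow the naming convention are ignored, so a renamed or hand-edited export cannot silently become the comparison baseline.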
