Home > Data Protection > Data Protection (general) > Dell PowerProtect Data Domain Retention Lock > Audit Logging
System auditing capability represents a key requirement to meet compliance standards. Specifically, audit logs must be kept for operations on locked data. This requirement applies to both the backup application and the PPDE, DDVE, and DDVE (on-cloud). A log capturing user data operations is maintained by the backup application being used. Separately, the PPDE or DDVE preserves system logs including all system management operations associated with locked files stored on the Data Domain system.
All relevant operations are recorded in an audit log available to the Security Officer. The audit log can be forwarded to a remote syslog server to facilitate system monitoring and log audit activities. Consider writing a script that constantly pulls the log to monitor any suspicious activities. Additional attention is recommended to sensitive commands related to user access management, network, and system time settings. The System Administrator cannot modify the audit log file on the system that has RL-C mode installed and enabled.