Monitoring Cloud Pak for Data user activity
An IBM Cloud Pak® for Data administrator can check whether a user is online or offline and see information about the user's current session and previous session. You can use this information to identify suspicious activity and block the user from accessing the web client while the activity is investigated.
Best practice: In addition to monitoring user activity, you should
also forward audit logs to an external security information and event management (SIEM) solution.
For details, see Exporting Cloud Pak for Data audit records to a security information and event management solution.
- Who needs to complete this task?
- To monitor user activity, you must have one of the following permissions:
- Administer platform
- Manage users
- When do you need to complete this task?
- Complete this task as necessary to maintain the security of your Cloud Pak for Data environment.
Procedure
To monitor user activity: