Audit Log
This page is only accessible to members of the "Super User" admin group.
The greatest threat to your data comes from your own employees. Be sure to give your employees proper instruction with regard to your policies regarding cardholder data. Create a set of written policies and procedures to maintain the integrity of your secure environment. Restrict the number of employees who have access to the cardholder data as much as possible. You can do this in AbleCommerce by creating roles for your employees. See People > User Groups for built-in permissions to specific areas of the merchant administration.
In AbleCommerce, all user accesses of credit card data are written to the write only audit log. This log can help you monitor employee activities and identify suspicious behavior. It records events such as successful and invalid login attempts, viewing of credit card numbers, viewing of audit log, backup and restoring of encryption keys, etc.
View the Audit Log
Go to Configure > Security > Audit Log to view a page similar to the one shown below.
Click on the column heading to sort. Shown left to right are -
-
Date: The date and time of the event.
-
Event: The type of event that took place.
-
Success: Whether or not the event was successful.
-
User: The username (email) of the user who performed the action.
-
Re:
-
IP: The originating IP address.
-
Comment: As needed, comments about the event.
|