I've been asked the following questions by our Cyber Security Team to make sure we are compliant with company policies and asked to provide evidence to support these statements.

I know that user logging shows when people have recently logged into Dataminer and that a user can set a logout timer within their own profiles but i can't seem to find anywhere that i can set a group policy in Dataminer for items 1. & 4. and struggling to find logs that show 2. & 3.

Does anyone have any ideas if these are at all possible and if so where i would find the logs showing all the login attempts whether they be successful or not?

Thanks

Dave

1. Accounts are being locked or blocked for a period of time after a number of predefined unsuccessful log-on attempts.

Screenshot taken after a number of failed logon attempts which demonstrates that the account is locked or logon is temporarily blocked. (Alternatively report from compliance management system which demonstrates that the appropriate system setting is in place.) Confirmation that the number of allowed failed logon attempts until the account gets locked / the system gets blocked is aligned with the relevant policy.

2. Unsuccessful and successful attempts are being logged and security events are raised if a potential attempted or successful breach of log-on controls is detected.

3. Log files from the system showing the unsuccessful logon attempts and screenshot of the resulting security event.

4. Inactive sessions are being terminated or locked after a defined period of inactivity.

Screenshot showing terminated or locked session after a period of inactivity.  (Alternatively report from compliance management system which demonstrates that the appropriate system setting is in place.) Confirmation that the timeout limit is aligned with the relevant policy.