A typical computerized system is accessed by various users. When a user accesses the system with his/hers terminal device access related data and more particularly access log data is typically generated. The access log data can be presented e.g. for analysis and audit purposes. The capability of presenting the access logs to authorized users is considered important e.g. for security and/or operational reasons.
Users of computer systems can have differing levels of user rights. For example, a majority of users in an organization may only have rights to perform operations and access resources that relate to specific roles and tasks without any rights to make alterations to the settings and configurations of the system and its components. On the other hand, users with administrator rights can be allowed to make even considerable changes to the system. At least some level of control on activities of such users can be provided by means of access auditing. A common way to do this is to deploy specific auditing tools for privileged access auditing. The purpose of these tools is often to provide visibility into what system administrators do when they obtain access to a computer system, for example, for performing administrative operations.
Some privileged access auditing systems log commands executed with elevated privileges in a system log, from which they can be obtained. For example, certain privileged access auditing systems provide Java™-based applications for downloading and displaying session logs to a user (e.g., security administrator) who needs to view them. Some other privileged access auditing systems use a Windows™ based applications that download session logs and enable viewing the logs. Examples of commercial privileged access management systems include products sold under trade names CyberArk PIM, Xceedium, and BalaBit SCB.
However, these approaches require having special software installed on the terminal, typically a personal computer such as desktop, laptop or the like in order to provide a facility to view the logs. Viewing of the logs may also be quite difficult and require assistance from a security professional to extract the required information from logs. Security of some of the older software applications has been questioned and there may be resistance in installing these in the personal computers. Installing of a special application may also be quite difficult in practice in many cases.