Question: PAM administrator activity in credential manager like view password, addition/deletion of target accounts – are these logged by PAM?
will these be part of syslog messages or can they be seen under Session Recording Logs?
We want to be able to have access to these logs to generate an alert from SIEM for such privileged operations by PAM administrator.
thanks,
Maruti