Symantec Privileged Access Management

 View Only

 PIM and PAM Server control.

Willy RUKEMA's profile image
Willy RUKEMA posted Jun 05, 2025 09:33 AM

I was able to install the pam  package on my client AIX server connecting to my main server of PIM.  so i would like to know if pam server can enable or use key logger and if possible how may i configure it.

If not possible may i use the list of some command i may use ( i.e: program(*) audit(all) blockrun - is it possible

Thank you very much @Adam for your answer so i have another querry can i apply this property of keylogeer on all users on my clients?

Adam Roll's profile image
Broadcom Employee Adam Roll

Willy,

Good afternoon. Yes the PAM SC agent you have installed has a service called kblaudit which is a keylogger for sessions. If you review in the seos.ini you'll find the various token including the one to enable the service within the KBLAudit Section. To review what was logged you will still use seaudit utilizing the -kbl switch. Additional details on the switches for that can be found in Seaudit command