HappyHippo's avatar
HappyHippo
Contributor
2 years ago
Status:
Reviewed by moderator

Report section to included device names that have been renamed or deleted

The reports available within Central are great but really do not seem to provide enough information. 

 

When a device is deleted, LMI deletes all information relating to this device, why is this? Can we not keep this in the audit trail and set a retention period on the auditing logs? 

 

The report section should include device names that have been renamed or deleted, by which user and IP address. At present, it's becoming hard to track down these actions.

 

Are there any workarounds I am not aware of to find this info?

 

We would also find it beneficial for LMI to incorporate a deletion confirmation process:

When user 'X' deletes a device or group, it should go into a 'pending deletion'. These should then be accepted or declined by another user with relevant permissions, let's say user 'Y'.

This will then be added to an audit table of deletion user, device name, IP of user X and Y.

 

Thank you.

  • KateG's avatar
    KateG
    GoTo Moderator

    HappyHippo nice to see you around the Community. 

     

    I'm going to share the need for information on deleted devices and a deletion confirmation process with the team and will pass on any information I have on workarounds and future implementation. Thanks! 

      • KateG's avatar
        KateG
        GoTo Moderator

        HappyHippo I don't have a timeline currently for an implementation. I will check with the team and see if I can get more information on incorporating this. 

  • KateG's avatar
    KateG
    GoTo Moderator
    Status changed:
    New
    to
    Reviewed by moderator

    Currently this is not on the timeline, but moving this to the idea section where others can kudo and comment. 

  • Thanks KateG. I believe the computer/device deletion confirmation by another user really is a must. At the moment, there's no protection against a gruntled employee. Thinking from an ISO27001 perspective, applying least privileged is something we do, however, to ensure business continuity and approval of any changes outside of a 'request for change', i.e, someone deleting with malice, we need protection. I am sure this is the same for all other business users. We really do need computer/device deletion confirmation from another approver.