Would like to see a feature where one could export the audit log to a format usable by Excel. This would allow us to search and filter. Would also allow us to send logs to clients if needed.
We now have the Extension: Report Manager, which allows you to create a report and download it. You have the options to download to CSV, XML, and JSON. For information please take a look here.
We also have the extension, Download Audit Log as CSV that would help you out.
Or documented way of accessing this from the SQL would be even better.
Our company has been trying to get rid of our IT MSP for multiple reasons. They are withholding all of our licenses that we've purchased through them. They wouldn't turn over our domain or admin passwords for our own servers and we have good reason to believe they are spying on us through VNC and various connect wise software. I've asked for an audit trail of all their software they've installed on our computers. They said they'd have to charge us because it is not easy to run reports and so far only sent me an excel report from logmein - (which i wasn't very worried about them spying through that). How can I ensure they provide me the reports that I need to see to verify if they have logged into PCs without authorization. Any help would be greatly appreciated!
If they're using LogMeIn, I don't know why you're posting here.
For ScreenConnect, this information is in your Windows Event Application & Security Logs.
As far as I know VNC doesn't log connections.
Any MSP that's using LogMeIn, ScreenConnect, and VNC would worry me. There's no reason to have LMI & SC, which suggests lack of standardisation etc. If they're using LabTech (ConnectWise Automate) then unfortunately VNC cannot be blocked from installing, even though it's not been used for years. See https://product.connectwise.com/communities/5/topics/12974-allow-prevention-of-installing-vnc-when-using-screenconnect
Thanks for the reply. This MSP is for sure bad news. I literally caught them logging on through VNC by constantly checking my task manager and kept ending task each time I'd find them on there. After continually ending the task and kicking them out, they stopped going back in through VNC and I was surprised because it was right in the middle of negotiations over getting rid of them and I knew they'd want to see what I was emailing our attorney and the new IT company. I did some more searches on my computer only to find that they installed Screen Connect the same day they stopped trying to get on through VNC. This was installed without notifying us or getting authorization. Is there any legal recourse against this? Wouldn't an outside entity need to give us notice? Any help on this and regarding any specifics I should ask for from them with these audit reports would be greatly appreciated. I am not going to know what I should be expecting and will be relying on them to give me what I am asking, but I know they are probably capable of doctoring or covering up things since i don't know what to expect.
Customer support service by UserEcho