Reviewing Sessions

Session Review provides an additional level of security by recording a user's actions after a session is launched.

The Delinea Platform captures second-by-second screen shots in the browser during a user's recorded session. These images of the user's screen are compiled into a video that can be played back for auditingClosed A record of actions that are typically user initiated but may also include some system actions. An audit is designed for consumption by users - mainly security overseers like SecOps and CISOs. and security purposes.

Session Review allows administrators with the appropriate permission to view all active launched sessions within the platform. If Session Review is enabled on the secretClosed A piece of information that is stored and managed in the Delinea Secret Server vault. Typical secrets include privileged passwords on routers, servers, applications, and devices. Files can also be stored in secrets, such as private key files, SSL certificates, license keys, network documentation, Microsoft Word or Excel documents, and more. Secrets are derived from secret templates., an administrator can watch the user's session in real time or after the session recording has been completed.

Recordings listed in the Session Review table that are sourced from Secret ServerClosed The Delinea secrets vault. Delinea Secret Server is an enterprise-grade secrets storage vault for securely storing, managing, and controlling access to privileged credentials and other sensitive data. See Secret Server on Platform, Secret Server Cloud (SSC), and Secret Server on Premises (SSOP) for distinctions. On-Premises systems are not supported for viewing or analysis. Playback is only supported when requested from the same network as the Secret ServerClosed The Delinea secrets vault. Delinea Secret Server is an enterprise-grade secrets storage vault for securely storing, managing, and controlling access to privileged credentials and other sensitive data. See Secret Server on Platform, Secret Server Cloud (SSC), and Secret Server on Premises (SSOP) for distinctions. On-Premises installation.

Enabling Session Review

Before you can view session recordings on the platform, a session recording must be configured within the vault on both the tenant and secretClosed A piece of information that is stored and managed in the Delinea Secret Server vault. Typical secrets include privileged passwords on routers, servers, applications, and devices. Files can also be stored in secrets, such as private key files, SSL certificates, license keys, network documentation, Microsoft Word or Excel documents, and more. Secrets are derived from secret templates. level. See Configuring Session Recording to configure Session Recordings within your Secret ServerClosed The Delinea secrets vault. Delinea Secret Server is an enterprise-grade secrets storage vault for securely storing, managing, and controlling access to privileged credentials and other sensitive data. See Secret Server on Platform, Secret Server Cloud (SSC), and Secret Server on Premises (SSOP) for distinctions. Cloud instance.

Launching a PRA Session with Session Review Enabled

Confirm that a secretClosed A piece of information that is stored and managed in the Delinea Secret Server vault. Typical secrets include privileged passwords on routers, servers, applications, and devices. Files can also be stored in secrets, such as private key files, SSL certificates, license keys, network documentation, Microsoft Word or Excel documents, and more. Secrets are derived from secret templates. has session recording enabled. Select the secretClosed A piece of information that is stored and managed in the Delinea Secret Server vault. Typical secrets include privileged passwords on routers, servers, applications, and devices. Files can also be stored in secrets, such as private key files, SSL certificates, license keys, network documentation, Microsoft Word or Excel documents, and more. Secrets are derived from secret templates. and navigate to the Security tab. In the Other Security section of the page, the Session Recording Enabled field indicates enabled.

On the Overview tab, under Launchers, select Open with Remote Access to start a remote access session to the target machine.

Enabling Metadata Recording

By default, session recording creates videos of the launched session. In addition to video, the Delinea Platform supports loggingClosed A record of background events typically related to systems, performance, outages, etc. A log is typically consumed by IT/Ops to help them ensure that things are running optimally and delivered according to the appropriate SLA. additional metadata, such as keystrokes for RDP and SSH sessions. When these options are enabled, users can search for keystrokes or applications across sessions, and the session playback interface shows additional activity information.

Remote Desktop session metadata requires Secret ServerClosed The Delinea secrets vault. Delinea Secret Server is an enterprise-grade secrets storage vault for securely storing, managing, and controlling access to privileged credentials and other sensitive data. See Secret Server on Platform, Secret Server Cloud (SSC), and Secret Server on Premises (SSOP) for distinctions. 10.6 and the advanced session recording feature. This feature requires installation of Secret ServerClosed The Delinea secrets vault. Delinea Secret Server is an enterprise-grade secrets storage vault for securely storing, managing, and controlling access to privileged credentials and other sensitive data. See Secret Server on Platform, Secret Server Cloud (SSC), and Secret Server on Premises (SSOP) for distinctions.’s advanced session recording agentClosed An agent is software installed on a computer that can act autonomously to achieve goals set by humans. An agent has self-governing attributes and capabilities in reasoning, learning, adaptability, decision-making, policy-following, and execution. (ASRA), or Direct AuditClosed A record of actions that are typically user initiated but may also include some system actions. An audit is designed for consumption by users - mainly security overseers like SecOps and CISOs. agentClosed An agent is software installed on a computer that can act autonomously to achieve goals set by humans. An agent has self-governing attributes and capabilities in reasoning, learning, adaptability, decision-making, policy-following, and execution. on the target servers. See Installing the Advanced Session-Recording Agent.

SSH keystroke data relies on the Secret ServerClosed The Delinea secrets vault. Delinea Secret Server is an enterprise-grade secrets storage vault for securely storing, managing, and controlling access to privileged credentials and other sensitive data. See Secret Server on Platform, Secret Server Cloud (SSC), and Secret Server on Premises (SSOP) for distinctions. SSH Proxy. To enable SSH Proxy, see SSH Proxy Configuration.

When the proxy is enabled, recorded SSH sessions logClosed A record of background events typically related to systems, performance, outages, etc. A log is typically consumed by IT/Ops to help them ensure that things are running optimally and delivered according to the appropriate SLA. SSH traffic, which can be searched and displayed in the Session Recording playback interface. See Viewing Sessions.