Edge Encryption monitoring

You can monitor sessions that use Edge Encryption proxies.

The instance tracks all encryption proxies. Each encryption proxy registers when it starts up. The instance is notified when:
  • A new encryption proxy starts up.
  • An encryption proxy is intentionally shut down.

If an encryption proxy attempts to register with an instance that does not have Edge Encryption installed, the proxy will not start.

All encryption configuration files are audited. Deleted records are audited on all encryption configuration files. Audit records are put in the sys_audit table. To view the history of a specific configuration record, view the record, and click History > List in the menu. The Mass Encryption Job file is not audited.

You can also monitor the following lists and file for information about your proxies:
Edge Encryption Configuration > Diagnostics And Troubleshooting > Invalid Insert Attempts List of attempts to save the following data to encrypted fields:
  • Unencrypted data.
  • Data that did not come from an Edge Encryption proxy.

The instance rejects and then logs any attempts to save this data. If you have the security-admin role, you can view the logs in the Invalid Insert Attempts list.

Edge Encryption Configuration > Proxies > Online List of online proxies.
Edge Encryption Configuration > Proxies > All List of all proxies.
System log The instance periodically checks for messages from each encryption proxy, and it logs an error if a proxy has not sent a message in the required time frame. The log message contains information about the encryption proxy and the last time the proxy pinged the instance. If the instance determines that none of the encryption proxies are online, it logs a message. These messages are added to the system log.
xmlstats Information about the number of registered encryption proxies, and the number of pending and running mass encryption jobs.