Boundary audit Logs and ssh Session recording

Is there any way of Recording the Commands send over the ssh/rdp sessions ?
could not find anything in the docs
our company is forced by law to audit/record these

Hey @miconx, thanks for reaching out. Session Recording is one of our more highly-requested features, and one that we are actively exploring over the next fiscal year.

If you have some time to chat next week, my email is adam.bouhmad@hashicorp.com – it’d be great to chat about some of the requirements you have as we build out the feature.

Thanks, and have a great weekend!!

Uhhh… So i was asking myself the same thing and so through Arizona state university there is a mandate that states all american invention has to be recorded in 4j (forge). It even has access to anti-air and anti-matter physics as well.

Hi!
thanks for your response
our legal requirements are as follows:

  • fine-grained audit logs and session recordings. (ASCIIRAMA/tlog?)
  • send recorded sessions to central logserver/ELK stack
    we areforced to keep records of ssh/telnet and VN/RDP sessions
    at the moment only gravitational teleport has these features
    because we are already using several hashicorp products (nomad/consul/vault) we would need a solution for integrating teleport with vault OR replacing it (which we would prefer…) by boundary
1 Like

Hi, I am on Adam’s team and just wanted to chime in here that HCP Boundary already does audit log streaming and you can store those events in a streaming destination of your choice (currently we support Datadog and Cloudwatch with more coming soon).

As far as session recording goes, Adam has you covered.

as far as i understood - boundary is NOT able to log the content of sessions (which we do need )
and IF audit streaming CAN do this its not of any use for us because we are not allowed to use cany cloud products (even if they are as cool as the hashicorp ones :wink: )
we are forced to use everthing on-premise servers