Hanzo
PlatformHanzo KMSPlatformPrivileged Access ManagementProduct Reference

Session Recording

Learn how Hanzo KMS records and stores session activity for auditing and monitoring.

KMS PAM provides robust session recording capabilities to help you audit and monitor user activity across your infrastructure.

How It Works

When a user initiates a session by accessing an account, a recording of the session begins. The Gateway securely caches all recording data in temporary encrypted files on its local system.

Once the session concludes, the gateway transmits the complete recording to the Hanzo KMS platform for long-term, centralized storage. This asynchronous process ensures that sessions remain operational even if the connection to the Hanzo KMS platform is temporarily lost. After the upload is complete, administrators can search and review the session logs on the Hanzo KMS platform.

What's Captured

The content captured during a session depends on the type of resource being accessed.

Hanzo KMS captures all queries executed and their corresponding responses, including timestamps for each action.

Hanzo KMS captures all commands executed and their corresponding responses, including timestamps for each action.

Viewing Recordings

To review session recordings:

  1. Navigate to the Sessions page in your PAM project.
  2. Click on a session from the list to view its details.

PAM Sessions

The session details page provides key information, including the complete session logs, connection status, the user who initiated it, and more.

PAM Individual Session

Searching Logs

You can use the search bar to quickly find relevant information:

Sessions page: Search across all session logs to locate specific queries or outputs. PAM Sessions Search

Individual session page: Search within that specific session's logs to pinpoint activity. PAM Individual Session Search

FAQ

Yes. All session recordings are encrypted at rest by default, ensuring your data is always secure.

Currently, Hanzo KMS uses an asynchronous approach where the gateway records the entire session locally before uploading it. This design makes your PAM sessions more resilient, as they don't depend on a constant, active connection to the Hanzo KMS platform. We may introduce live streaming capabilities in a future release.

How is this guide?

Last updated on

Credential Rotation

Learn how to automate credential rotation for your PAM resources.

Auditing

Learn how Hanzo KMS audits all actions across your PAM project.

On this page

How It Works
What's Captured
Viewing Recordings
Searching Logs
FAQ