Genesys CTI User Forum
Genesys CTI User Forum => Genesys CTI Technical Discussion => Topic started by: sanjay arya on June 25, 2018, 10:48:11 AM
-
Hello Guys,
I was wondering if someone could help....
I am trying to trace someone that has been fraudulently using someone else's CME login to change their own call taking skills!!
Someone has found out the login details and changed their own skills, but I need to prove it was them by tracing either the BASE UNIT (Hard drive) or Windows login.....
Not sure if CME has this data somewhere in the background, or if its a job for the IS Security Team to try and find out.
-
Do you know when the change was made? Do you have confserv logs?
-
on confServer logs you will find the client IP Address so that may help
-
Brilliant thank you guys......I don't have access to the Config Logs, but know the team that do.
If it shows the IP Address then that will be sufficient for the appropriate action to be taken
:)>
-
You can get the IP address from the message server log as well if it is configured correctly. One more place to look.
Warning, shameless plug ahead!
You might want to consider an auditing tool such as InProd which records this data. [url=https://www.inprod.io]https://www.inprod.io[/url]
-
[quote author=jarrod link=topic=11024.msg50164#msg50164 date=1530584210]
You can get the IP address from the message server log as well if it is configured correctly. One more place to look.
Warning, shameless plug ahead!
You might want to consider an auditing tool such as InProd which records this data. [url=https://www.inprod.io]https://www.inprod.io[/url]
[/quote]
It is ok, this is exactly when a tool like this would be useful :)