Every action within the strongDM application is logged in a tamper-proof repository that is not accessible to account administrators. This includes every user authentication, query, ssh, and RDP command as well as administrator actions such as permission changes.
Logs are fully configurable so that you control what is passed to strongDM. You can choose to log with us or log locally. You can encrypt in the UI and/or encrypt locally. If you choose to do the latter, we provide a tool to decrypt the cryptext.
If you store logs with strongDM, they will be retained for a period of 13 months, and then permanently deleted.