0% found this document useful (0 votes)

58 views

SPS 7.5 SafeguardDesktopPlayerUserGuide

oneidentity pam

Uploaded by

kgujas

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

58 views

SPS 7.5 SafeguardDesktopPlayerUserGuide

oneidentity pam

Uploaded by

kgujas

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 72

One Identity Safeguard for Privileged

Sessions 7.5

Safeguard Desktop Player User Guide

Copyright 2024 One Identity LLC.
ALL RIGHTS RESERVED.
This guide contains proprietary information protected by copyright. The software described in this
guide is furnished under a software license or nondisclosure agreement. This software may be used
or copied only in accordance with the terms of the applicable agreement. No part of this guide may
be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying and recording for any purpose other than the purchaser’s personal use without the
written permission of One Identity LLC .
The information in this document is provided in connection with One Identity products. No license,
express or implied, by estoppel or otherwise, to any intellectual property right is granted by this
document or in connection with the sale of One Identity LLC products. EXCEPT AS SET FORTH IN THE
TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT,
ONE IDENTITY ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR
STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-
INFRINGEMENT. IN NO EVENT SHALL ONE IDENTITY BE LIABLE FOR ANY DIRECT, INDIRECT,
CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT
LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF
INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF
ONE IDENTITY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. One Identity makes
no representations or warranties with respect to the accuracy or completeness of the contents of this
document and reserves the right to make changes to specifications and product descriptions at any
time without notice. One Identity does not make any commitment to update the information
contained in this document.
If you have any questions regarding your potential use of this material, contact:
One Identity LLC.
Attn: LEGAL Dept
4 Polaris Way
Aliso Viejo, CA 92656
Refer to our website (http://www.OneIdentity.com) for regional and international office information.
Patents
One Identity is proud of our advanced technology. Patents and pending patents may apply to this
product. For the most current information about applicable patents for this product, please visit our
website at http://www.OneIdentity.com/legal/patents.aspx.
Trademarks
One Identity and the One Identity logo are trademarks and registered trademarks of One Identity
LLC. in the U.S.A. and other countries. For a complete list of One Identity trademarks, please visit
our website at www.OneIdentity.com/legal/trademark-information.aspx. All other trademarks are
the property of their respective owners.
Legend

WARNING: A WARNING icon highlights a potential risk of bodily injury or property

damage, for which industry-standard safety precautions are advised. This icon is
often associated with electrical hazards related to hardware.

CAUTION: A CAUTION icon indicates potential damage to hardware or loss of data

if instructions are not followed.

SPS Safeguard Desktop Player User Guide

Updated - 08 March 2024, 09:50
For the most recent documents and product information, see Online product documentation.
Contents

Summary of changes 5

Features and limitations 8

Installing Safeguard Desktop Player 10

Safeguard Desktop Player system requirements 10
Installing Safeguard Desktop Player on Windows 11
Installing Safeguard Desktop Player on Windows to use with the SPP desktop client
application 13
Installing Safeguard Desktop Player on Linux 14
Installing Safeguard Desktop Player on Mac 16

First steps 19
Thank you for installing the Safeguard Desktop Player 19
Getting started with the Safeguard Desktop Player 20
The Search window of Safeguard Desktop Player 22
Preferences for the Safeguard Desktop Player 24

Validating audit trails 27

Replaying audit trails 29

Replaying encrypted audit trails 35

Replaying encrypted audit trails from the command line 37

Replaying audit files in follow mode 39

Searching in the content of the current audit file 43

Search query examples 45

Exporting the audit trail as video 53

Exporting the sound from an audit trail 55

Exporting zat and zatx files 56

Sharing an encrypted audit trail 57

Replaying X11 sessions 59

SPS 7.5 Safeguard Desktop Player User Guide

3
Exporting transferred files from SCP, SFTP, HTTP, and RDP audit trails 61
Exporting files from an audit trail after RDP file transfer through clipboard or disk redir-
ection 61
Exporting transferred files from SCP, SFTP, HTTP and RDP audit trail using the
command line 62

Exporting raw network traffic in PCAP format 64

Exporting raw network traffic in PCAP format using the command line 64
Exporting raw network traffic in PCAP format using the GUI 65

Exporting screen content text 66

Troubleshooting the Safeguard Desktop Player 67

Determining your Safeguard Desktop Player version 67
Export transferred files from SCP, SFTP, and HTTP audit trail using the GUI 67
.zat, .zatx, and .srs files not opened automatically 68
Problems in VirtualBox 68
Force rendering software 68
Cannot import CA certificate 68
Logging 69

Keyboard shortcuts 71

About us 72
Contacting us 72
Technical support resources 72

SPS 7.5 Safeguard Desktop Player User Guide

4
1

Summary of changes

Version 1.8 - 1.9

Changes in product:

l For RDP and ICA trails, you can select a keyboard layout depending on the language
used in the trail and recreate the subtitle of the trail.
For more information, see Replaying audit trails.
l The installation of the Safeguard Desktop Player on Windows has been improved. You
no longer need elevated privileges to install the Safeguard Desktop Player, and for
future versions, you can install the new version without first having to uninstall the
previous version.
If you already have an earlier version of the Safeguard Desktop Player application
installed on the host (version 1.8 or earlier), uninstall the previous installation. For
future versions of the Safeguard Desktop Player, you do not need to uninstall the
previous version before you can install the new version as this will be done
automatically.
For more information, see Installing Safeguard Desktop Player on Windows.

Version 1.6 - 1.8

Changes in product:

l It is now possible to export transferred files from the clipboard channel in

RDP sessions.
For more information, see Exporting transferred files from SCP, SFTP, HTTP, and RDP
audit trails.

SPS 7.5 Safeguard Desktop Player User Guide

5
Summary of changes
Version 1.5 - 1.6

Changes in product:

l It is now possible to search in the contents of the audit trails for trails of graphical
sessions created and indexed with SPS 6.0.
For more information, see Searching in the content of the current audit file.

Version 1.4 - 1.5

Changes in product:

l It is now possible to install the Safeguard Desktop Player application on Mac.

For more information, see Installing Safeguard Desktop Player on Mac.

Version 1.3 - 1.4

Changes in product:

l It is now possible to export:

l transferred files from SCP, SFTP, and HTTP audit trails using the GUI
l raw network traffic in PCAP format
l screen context text from text-based protocols in TXT format

Version 1.2 - 1.3

Changes in product:

l It is now possible to jump to interesting events within an audit trail using

configurable, color-coded indicators on the seeker.
You can also choose to display subtitles for audit trails. Subtitles list certain user
events as they occurred in a session.
For details, see Replaying audit trails.

Version 1.1 - 1.2

Changes in product:

l It is now possible to replay the audit trails of X11 sessions. For more information, see
Replaying X11 sessions.

SPS 7.5 Safeguard Desktop Player User Guide

6
Summary of changes
Version 1.0 - 1.1

Changes in product:

l It is now possible to follow active connections in semi-real time. For more

information, see Replaying audit files in follow mode.

SPS 7.5 Safeguard Desktop Player User Guide

7
Summary of changes
2

Features and limitations

NOTE: You can replay audit trails in your browser, or using the Safeguard Desktop Player
application. Note that there are differences between these solutions.
For details on the Safeguard Desktop Player application, see Safeguard Desktop Player
User Guide.
The following table details the differences between the solutions provided by the browser
and the Safeguard Desktop Player application when replaying audit trails.

Browser Safeguard Desktop Player

Works without installation ✔ -

Works on any operating system ✔ Windows, Linux, Mac

Replays audit trails recorded with SPS 5 ✔ ✔

F4 and newer

Replays TN5250 sessions ✔ ✔

Extracts files from SCP, SFTP, HTTP and - ✔

RDP sessions

Replays HTTP sessions - Only exports raw files from the

command line

Replays X11 sessions ✔ ✔

Starts replay while rendering is in ✔ ✔

progress

Follows 4-eyes connections - ✔

Replays live streams in follow mode ✔ ✔

Exports to PCAP - ✔

Displays user input ✔ ✔

Displays subtitles for video ✔ ✔

Exports audit trail as video - ✔

SPS 7.5 Safeguard Desktop Player User Guide

8
Features and limitations
Browser Safeguard Desktop Player

Exports screen content text - ✔

Searches in the contents of the audit - ✔

trails

SPS 7.5 Safeguard Desktop Player User Guide

9
Features and limitations
3

Installing Safeguard Desktop Player

This section provides information on how to install the Safeguard Desktop Player
application in different operating systems.

Safeguard Desktop Player system

requirements
The Safeguard Desktop Player application supports the following operating systems:

l Microsoft Windows:
l 64-bit version of Windows 10 (from version 1607)
l 64-bit version of Windows 11
l Windows Server 2016 (from version 1607)
l Windows Server 2019
l Windows Server 2022
Install the appropriate driver for your graphic card.
l Linux:
RHEL 7, CentOS 7, or newer. The Safeguard Desktop Player application will probably
run on other distributions as well that have at least libc6 version 2.17 installed.
Depending on the distribution, you will need to install the following packages:
l On Debian-based GNU/Linux:
l libxcb-render-util0
l libxcb-keysyms1
l libxcb-image0
l libxcb-randr0
l libxcb-xkb1

SPS 7.5 Safeguard Desktop Player User Guide

10
Installing Safeguard Desktop Player
l libxcb-xinerama0
l libxcb-icccm4
l On CentOS/Red Hat:
l xcb-util-renderutil
l xcb-util-keysyms
l xcb-util-image
l Mac:
macOS macOS Monterey 12, or newer.

To install the Safeguard Desktop Player application, you need about 200MB disk space, and
a temporarily used disk space to store the audit trails that are replayed. The size of the
temporary files depends on the size of the replayed audit trails.
You can install the Safeguard Desktop Player application with user privileges.

Installing Safeguard Desktop Player on

Windows
This section describes how to install the Safeguard Desktop Player application.
NOTE: If you use the SPP desktop client application to view audit trails that were created
and indexed with One Identity Safeguard for Privileged Sessions (SPS), see Installing
Safeguard Desktop Player on Windows to use with the SPP desktop client application.

Prerequisites

l You must have a valid support portal account with access to SPS downloads.
l Microsoft Windows:
l 64-bit version of Windows 10 (from version 1607)
l 64-bit version of Windows 11
l Windows Server 2016 (from version 1607)
l Windows Server 2019
l Windows Server 2022
Install the appropriate driver for your graphic card.
For details, see Safeguard Desktop Player system requirements.
l If you already have an earlier version of the Safeguard Desktop Player application
installed on the host (version 1.8 or earlier), uninstall the previous installation. For
future versions of the Safeguard Desktop Player, you do not need to uninstall the
previous version before you can install the new version as this will be done
automatically.

SPS 7.5 Safeguard Desktop Player User Guide

11
Installing Safeguard Desktop Player
To install the Safeguard Desktop Player application

1. Download the Safeguard Desktop Player application for Windows from the
Downloads page.
2. Install the Safeguard Desktop Player application using one of the following options:
l Navigate to the Downloads directory and start the installation.
l Silent install if using terminal: Alternatively, from the terminal, use the msiexec
/quiet silent install option to install the Safeguard Desktop Player.
For example: msiexec /i <player.msi>
INSTALLFOLDER="C:\Users\<yourusername>\AppData\Local\Safeguard\" /quiet
The installation wizard opens.
3. On the Setup Preferences page, select the required options. After that, click Next
to create the start menu icon, and register the audit trail file extensions.

Figure 1: Setup preferences

4. Select where you want to save the Safeguard Desktop Player application installer,
and after that, click Next. The default installation folder is
C:\Users\<yourusername>\AppData\Local\Safeguard.

SPS 7.5 Safeguard Desktop Player User Guide

12
Installing Safeguard Desktop Player
Figure 2: Selecting the installation folder

5. Read the Software Transaction, License and End User License Agreements of
Safeguard Desktop Player, select I accept the license, then click Next.
6. To install the Safeguard Desktop Player application, click Install, and after that,
when the installation is complete, click Finish.

Installing Safeguard Desktop Player on

Windows to use with the SPP desktop
client application
This section describes how to install the Safeguard Desktop Player application if you use the
One Identity Safeguard for Privileged Passwords (SPP) desktop client application to view
audit trails for trails created and indexed with One Identity Safeguard for Privileged
Sessions (SPS).
From Safeguard Desktop Player version 1.9, the default installation folder on Microsoft
Windows has changed from C:\Program Files\Safeguard\Safeguard Desktop Player to
C:\Users\<yourusername>\AppData\Local\Safeguard\. SPP still looks for Safeguard Desktop
Player at the previous location, that is, C:\Program Files\Safeguard Desktop Player.

SPS 7.5 Safeguard Desktop Player User Guide

13
Installing Safeguard Desktop Player
When installing Safeguard Desktop Player version 1.9 or later to use with the SPP desktop
client application, change the default installation folder to C:\Program
Files\Safeguard\Safeguard Desktop Player as described below.

Prerequisites

To install the Safeguard Desktop Player application on Windows to use with the
SPP desktop client application

1. Download the Safeguard Desktop Player application for Windows from the
Downloads page.
2. Open a terminal with elevated privileges.
3. Enter msiexec /i <player.msi> INSTALLFOLDER="C:\ProgramFiles\Safeguard"
/quiet
The Safeguard Desktop Player is installed at C:\Program Files\Safeguard Desktop
Player and you can use it with the SPP desktop client application.

Installing Safeguard Desktop Player on

Linux
This section describes how to install the Safeguard Desktop Player application.

Prerequisites

l You must have a valid support portal account with access to SPS downloads.
l Linux:

SPS 7.5 Safeguard Desktop Player User Guide

14
Installing Safeguard Desktop Player
RHEL 7, CentOS 7, or newer. The Safeguard Desktop Player application will probably
run on other distributions as well that have at least libc6 version 2.17 installed.
For details, see Safeguard Desktop Player system requirements.
l If you already have an earlier version of the Safeguard Desktop Player application
installed on the host, uninstall the previous installation. If you want to keep the
previous installation for some reason, install the new version in a different directory.

To install the Safeguard Desktop Player application

1. Download the Safeguard Desktop Player application for Linux from the
Downloads page.
2. Open a terminal, and navigate to the Downloads directory.
3. To install the Safeguard Desktop Player application, start the downloaded file.
l Installing for every user (system-wide installation): System-wide installation
requires root privileges. To install Safeguard Desktop Player for every user on
the host, issue the following commands:

chmod +x ./desktop_player_installer.1.0.17.release.run; sudo

./desktop_player_installer.1.0.17.release.run

l Installing for the current user: You can install the Safeguard Desktop Player
application with user privileges. To install Safeguard Desktop Player for the
current user on the host, issue the following commands:

chmod +x ./desktop_player_installer.1.0.17.release.run; ./desktop_

player_installer.1.0.17.release.run

The installation wizard opens. Click Next.

4. Select the folder where you want to install the Safeguard Desktop Player application,
and after that click Next.
The default installation folder on Linux is ~/SafeguardDesktopPlayer.

SPS 7.5 Safeguard Desktop Player User Guide

15
Installing Safeguard Desktop Player
Figure 3: Selecting the installation folder

5. Read the Software Transaction, License and End User License Agreements of
Safeguard Desktop Player, select I accept the license, then click Next.
6. To install the Safeguard Desktop Player application, click Install, then click Finish
when the installation is complete.

Installing Safeguard Desktop Player on

Mac
This section describes how to install the Safeguard Desktop Player application.

Prerequisites

l You must have a valid support portal account with access to SPS downloads.
l MacOS High Sierra 10.13, or newer.
For details, see Safeguard Desktop Player system requirements.

SPS 7.5 Safeguard Desktop Player User Guide

16
Installing Safeguard Desktop Player
l If you already have an earlier version of the Safeguard Desktop Player application
installed on the host, uninstall the previous installation. If you want to keep the
previous installation for some reason, install the new version in a different directory.

To install the Safeguard Desktop Player application

1. Download the Safeguard Desktop Player application for Mac from the
Downloads page.
2. Double-click the desktop_player_installer.version.release.dmg to open the
installer, then drag the Safeguard Desktop Player application to the
Applications folder.

Figure 4: Drag the application to the Applications folder

3. If your Mac is set to allow applications only from the App Store, you get a warning
that you cannot install the application. You can temporarily override your Mac
security settings and open the application as follows:

Figure 5: Safely open apps on your Mac — Warning message

SPS 7.5 Safeguard Desktop Player User Guide

17
Installing Safeguard Desktop Player
a. In Finder, press Control and click the Safeguard Desktop Player application.
b. Select Open from the menu, and in the dialog that appears, click Open.
The Safeguard Desktop Player application is now saved as an exception to your
security settings, and you can open it by double-clicking it.
4. Open an audit trail that you want to replay. For more information, see Replaying
audit trails.

Figure 6: Replaying an audit trail

SPS 7.5 Safeguard Desktop Player User Guide

18
Installing Safeguard Desktop Player
4

First steps

Thank you for installing the Safeguard

Desktop Player
Now you can start using the Safeguard Desktop Player application to replay audit trail files
that you have downloaded from One Identity Safeguard for Privileged Sessions (SPS). This
guide will help you to get started with using the Safeguard Desktop Player.
The following figure displays the UI of the Safeguard Desktop Player application.

Figure 7: Safeguard Desktop Player

SPS 7.5 Safeguard Desktop Player User Guide

19
First steps
Getting started with the Safeguard
Desktop Player
This section shortly describes the main functions and the UI elements of the Safeguard
Desktop Player.

Figure 8: Safeguard Desktop Player > Details page

1. Audit trail play button

Click the thumbnail at the top, on the left, or click in the Channels section of the
screen. To play an encrypted audit trail, you need to have the appropriate
certificates. For details, see Replaying encrypted audit trails in the Safeguard
Desktop Player User Guide.
2. Audit trail data
The most important data about the audit trail, including usernames (if available) and
IP addresses. To display more metadata about a specific channel in the audit trail,
click in the list of channels. These details include the parameters available on the
SPS Sessions page (for details, see Using the Search interface in the Administration
Guide), and other parameters, for example, the size of the desktop or the terminal.
3. Date of the recording
Starting date and duration.
4. Location of the audit trail file
Click the path to open the folder in your file manager.

SPS 7.5 Safeguard Desktop Player User Guide

20
First steps
5. Validation results
When you open an audit trail, the Safeguard Desktop Player checks if you can access
both the upstream and downstream traffic from the audit trail (you must have access
at least to the downstream traffic to replay the audit trail), and validates the digital
signature and the timestamp. The icon means that the trail is not signed or
timestamped. For details, see Validating audit trails in the Safeguard Desktop Player
User Guide.
6. Terminal Encodings
When you are replaying terminal-based audit trails, for example, SSH or TELNET, you
can set the character encoding of the displayed text. After changing the encoding,
click Re-render trail.
7. Channels
To select a channel, click .
8. Export
The Export button exports the audit trail to a video file. The exported files use the
WEBM format with the VP8 codec. For details, see Exporting the audit trails as video
in the Safeguard Desktop Player User Guide.
9. Warnings
Warnings and errors that occurred during opening and processing the audit trail file.
If there are warnings or errors, the Warnings UI element is displayed under the
Search field.

Figure 9: Warnings

10. Settings
You have the following settings options:
l Import the required certificate to replay an encrypted audit trail. For more
information, see Replaying encrypted audit trails.
l Open Preferences, which you can use to set the application language, select a
keyboard layout, select how you want to display the window title events on the
seeker and in subtitles, and so on. For more information, see Preferences for
the Safeguard Desktop Player.
l Open the documentation in your browser.
11. Search

SPS 7.5 Safeguard Desktop Player User Guide

21
First steps
You can search in the trail content of the current audit trail, for example, in
commands that the user executed in the session, or to find a specific text that was
displayed on the screen. Available only for terminal sessions. For details, see
Searching in the content of the current audit file.

The Search window of Safeguard

Desktop Player
This section provides information on the options that you can use in the Search window.
Search
You can search in the trail content of the current audit trail, for example, in commands that
the user executed in the session, or to find a specific text that was displayed on the screen.
Available only for terminal sessions. For details, see Searching in the content of the current
audit file.

1. Play/pause, replay
Start or pause replaying the audit trail. You can also click the video to start or
pause replaying.
2. Jump to previous event

SPS 7.5 Safeguard Desktop Player User Guide

22
First steps
Click this button to jump to the previous user event. User events that occurred in the
session (such as window titles that appeared on the screen, commands executed,
mouse activity, keystrokes) are marked in the seeker.
3. Jump to next event
Click this button to jump to the next event. User events that occurred in the session
(such as window titles that appeared on the screen, commands executed, mouse
activity, keystrokes) are marked in the seeker.
4. Current time and timestamp
Time elapsed since the beginning of the audit trail, and the corresponding date.
5. End time and timestamp
Length of the audit trail and the date when the session ended.
6. Change replay speed
7. Seek preview
Click the seeker to jump to a specific location in the audit trail.
8. Scale video
When enabled, the replayed audit trail is resized to fit the window. Clear to show the
original size. You can also double-click on the video to toggle resizing.
9. Back to the summary page
Open the summary page of the audit trail
10. Configure seeker indicators
Click to configure the visibility of indicators for user events on the seeker. Seeker
indicators show on a single timeline the user events that occurred during a session.
Clicking a seeker indicator takes you to the relevant user event in the audit trail. User
events are window titles that appeared on the screen, commands executed, mouse
activity, keystrokes, and any on-screen change.
11. Display subtitles
Click to display subtitles for the video. Subtitles list user events as they occurred in
the session. Events that are shown in subtitles are window titles that appeared on the
screen, commands executed, mouse activity, and keystrokes.
12. Search in trail content
Search in the contents of the current audit trail, for example, in commands that the
user executed in the session, or to find a specific text that was displayed on the
screen. This option is available only for terminal sessions. For details, see Searching
in the content of the current audit file.

SPS 7.5 Safeguard Desktop Player User Guide

23
First steps
Preferences for the Safeguard Desktop
Player
To configure your global preferences, for example, the application language, keyboard

layout, and so on, for Safeguard Desktop Player, navigate to (Settings) >
Preferences.

Figure 10: Settings > Preferences

Language

l Safeguard Desktop Player application language: Set the preferred language for
the menus, buttons, and other controls of your Safeguard Desktop Player.
For the changes to take effect, close and restart the Safeguard Desktop Player
application.

SPS 7.5 Safeguard Desktop Player User Guide

24
First steps
Graphical protocols

l Keyboard layout: In some cases, RDP and ICA audit trails do not contain their
specific keyboard layouts. To avoid misspellings in the subtitles, you can set your
specific layout for all your audit trails.
For each individual audit trail, you can still override these global settings from
your Details page of your Safeguard Desktop Player as shown in the example
figure below:

Figure 11: Safeguard Desktop Player > Details page > Changing the
keyboard layout for individual RDP or ICA audit trails

l Window title: Select how you want to display the window title events on the seeker
and in subtitles.
l If your audit trails are indexed, select Only indexed trails (faster). Indexed
audit trails already contain the window titles, and the process of displaying the
window titles is faster.
l If you are unsure whether your audit trails are indexed, select Always.
Safeguard Desktop Player detects if your audit trails are indexed. If no indexed
audit trail is available, Safeguard Desktop Player will start indexing the audit
trails automatically.
l If your audit trails are not indexed, select Forced detection (slower). The
audit trail will be re-indexed, regardless if it had been indexed before or not,
and as a result, the process of displaying the window titles is slower.
l If you do not want to display window titles, select Never.

SPS 7.5 Safeguard Desktop Player User Guide

25
First steps
Terminal-based protocols

l Terminal encoding: The character encoding of the displayed text on terminal-

based audit trails, for example, SSH, Telnet or Sudo iolog. This selection will be your
default encoding.
For each individual audit trail, you can still override these global settings from
your Details page of your Safeguard Desktop Player as shown in the example
figure below:

Figure 12: Safeguard Desktop Player > Details page > Changing the
encoding for individual audit trails

l Telnet codec: To deal with special characters, you can set the default codec to
display text. The SPS default settings for the Telnet codec is 500 and for the Telnet
alternate codec is 310.

SPS 7.5 Safeguard Desktop Player User Guide

26
First steps
5

Validating audit trails

When you open an audit trail, the Safeguard Desktop Player application automatically
validates it. You can see the results of this validation above the session details.

l is displayed if the audit trail is valid.

l is displayed if the timestamp or the signature is invalid, or the Safeguard Desktop
Player could not decrypt the downstream traffic.
l DOWNSTREAM
l : The downstream traffic is available and can be replayed.
l : The downstream traffic is encrypted, but you do not have the decryption
key. Click Warnings to see the fingerprint of the required certificate, and see
Replaying encrypted audit trails to import it.
l UPSTREAM
l : The upstream traffic is available and can be replayed.
l : The upstream traffic is encrypted, but you do not have the decryption key.
Click Warnings to see the fingerprint of the required certificate, and see
Replaying encrypted audit trails to import it.
l SIGNATURE
l : The trail is signed and the signature is valid.
l : The Safeguard Desktop Player could not validate the signature. Click
Warnings to see the fingerprint of the required certificate, and see Replaying
encrypted audit trails to import it.
l : The audit trail is not signed.
l TIMESTAMP

SPS 7.5 Safeguard Desktop Player User Guide

27
Validating audit trails
l : The trail is timestamped and the timestamp is valid.
l : The Safeguard Desktop Player could not validate the timestamp. Click
Warnings to see the fingerprint of the required certificate, and see Replaying
encrypted audit trails to import it.
l : The audit trail is not timestamped.

SPS 7.5 Safeguard Desktop Player User Guide

28
Validating audit trails
6

Replaying audit trails

This section describes how to replay an audit trail that is not encrypted.
To replay an encrypted audit trail, see Replaying encrypted audit trails.
You can use the SPS Search page to download an audit trail. For more information, see
Using the Search interface in the Administration Guide.

Prerequisites

One of the following prerequisites must be met:

l The audit trail is available on the computer that runs the Safeguard Desktop Player.
l Using a web browser, you open the audit trail on the SPS search interface and you
open the Safeguard Desktop Player application on the same computer.

To replay an unencrypted audit trail

1. Open an audit trail that you want to replay. Use one of the following methods:
l Start the Safeguard Desktop Player application from the menu or the command
line, then click OPEN. Select the audit trail you want to replay.
l Navigate to the audit trail file and open it.
The Safeguard Desktop Player application displays the details of the sessions
stored in the audit trail file. It automatically starts to prepare (render) the audit
trail for replaying. You can start replaying the audit trail while rendering is in

SPS 7.5 Safeguard Desktop Player User Guide

29
Replaying audit trails
progress, which is useful in the case of long audit trails.

2. To start playing the audit trail, click the play button. If the audit trail contains more
than one channels that can be replayed, you can select the channel to replay.
Alternatively, click the icon next to the channel that you want to replay.
The replay window opens.

3. To control the replay, use the following hotkeys:

SPS 7.5 Safeguard Desktop Player User Guide

30
Replaying audit trails
l Play/Pause: SPACE
l Jump to previous event: p
l Jump to next event: n
l Enable video scaling (Scale video): Ctrl + Z
l Toggle fullscreen replay: f
l Decrease replay speed: [
l Increase replay speed: ]
l Reset replay speed :=
l Jump backward, short, medium, long: Shift + Left Arrow, Alt + Left Arrow,
Ctrl + Left Arrow
l Jump forward, short, medium, long: Shift + Right Arrow, Alt + Right Arrow,
Ctrl + Right Arrow
l Search in trail content: Ctrl + F
4. To configure the visibility of the seeker indicators for events, click . The Configure
seeker indicators panel pops up:

SPS 7.5 Safeguard Desktop Player User Guide

31
Replaying audit trails
Use the sliders to toggle between displaying and not displaying seeker indicators for a
particular event type. By default, all indicators are on.
TIP: Indicator colors represent the importance of events. The darker the color, the
more important the event is. In decreasing order of importance, the colors are:
dark blue > light blue > white. Classifying events this way is required so that when
events overlap, there is a clear guideline as to which one of the overlapping events
is shown on the seeker. It is always the more important event that will have its
indicator displayed.
In the case of the white indicators, which stand for on-screen changes, the degree
of transparency signifies the volume of the change that occurred as compared to
the previous on-screen change. Small changes are partly transparent white, while
bigger ones are fully opaque white.

SPS 7.5 Safeguard Desktop Player User Guide

32
Replaying audit trails
Event type Shown on Indicator
panel color

Application events Commands For Dark blue

Commands run in the terminal-
session-shell channel of based
SSH connections, or in protocols
Telnet connections.

Window titles For graphical protocols

Text appearing as window
titles in the case of RDP, Citrix
ICA, VNC, and X11
connections.
This option is only displayed in
the case of graphical
protocols.

User interaction Keystroke For all Light blue

Keystrokes in the protocols
session-shell channel of
SSH connections, or in
Telnet connections.

Mouse activity For all protocols

Any mouse activity (clicking,
scrolling, or mouse
movement) in the case of
RDP, Citrix ICA, and VNC
connections.

Other On-screen changes For all White

Any change that protocols
occurred on the screen.

You can jump to interesting events by:

l Clicking any of the colored bars on the seeker.
l Clicking the and buttons.
5. To display subtitles for the audit trail, click . By default, subtitles are not displayed.
Subtitles indicate application events (commands and window titles) and user
interaction events (keystrokes and mouse activity) in the form of captions, using the
colors of the event indicators.
Subtitles are generated for all audit trails.

SPS 7.5 Safeguard Desktop Player User Guide

33
Replaying audit trails
When you export audit trails as video files, you can include subtitles as well. For
details, see Exporting the audit trail as video.

SPS 7.5 Safeguard Desktop Player User Guide

34
Replaying audit trails
7

Replaying encrypted audit trails

This section describes how to replay an encrypted audit trail. To replay encrypted audit
trails using the command line, see Replaying encrypted audit trails from the command line.

Prerequisites

l To replay encrypted audit trails, the private key of the certificate used to encrypt the
audit trail must be available on the host running the Safeguard Desktop Player. On
Microsoft Windows, the Safeguard Desktop Player can retrieve this certificate from
Windows Certificate Store > Current User > Personal Certificate Store.
l To validate digitally-signed audit trails, the respective CA certificates that issued the
certificates used to sign the audit trail must be available on the host running the
Safeguard Desktop Player. (This is the CA of the certificates set at Policies > Audit
policies > Enable signing on the SPS interface.) On Microsoft Windows, the
Safeguard Desktop Player can retrieve this certificate from Windows Certificate
Store > Local Computer > Trusted Root Certification Authorities.
l To validate timestamped audit trails, the CA certificate of SPS must be available on
the host running the Safeguard Desktop Player. (This is the CA certificate of SPS set
at Basic Settings > Management > SSL Certificates > CA X.509 Certificate.)
On Microsoft Windows, the Safeguard Desktop Player can retrieve this certificate
from Windows Certificate Store > Local Computer > Trusted Root
Certification Authorities.

The certificates and the private keys must be available in PEM format, other formats are
not supported.
NOTE: On Microsoft Windows, you cannot import CA certificates from a shared drive. In
this case, copy the certificate to a local folder and import it from there.
NOTE: Certificates are used as a container and delivery mechanism. For encryption and
decryption, only the keys are used.
TIP: One Identity recommends using 2048-bit RSA keys (or stronger).
>

To replay an encrypted audit trail

1. Open the encrypted audit trail. Safeguard Desktop Player tries to decrypt and
validate it. If the decryption or validation fails, the Safeguard Desktop Player notifies
you on the screen. Click Warnings to see the fingerprint of the required certificate.

SPS 7.5 Safeguard Desktop Player User Guide

35
Replaying encrypted audit trails
2. Import the required certificate. In the top-right, click > Key/Certificate import.
3. Click , then select the certificate file. The certificates and the private keys must be
available in PEM format. Other formats are not supported.

4. Click Load. The Safeguard Desktop Player displays the details of the certificate.
5. Select how you want to store the certificate, then click Import. On Microsoft
Windows, you can import the certificates to the Windows Certificate Store and reuse
them later. On other platforms, Safeguard Desktop Player stores the certificates only
temporarily, and automatically deletes them when you close the application.
l If you want Safeguard Desktop Player to delete the certificate after you close
the application, select Store temporarily only.
l If you are importing a private key to decrypt an audit trail, select Store as
personal certificate.
l If you are importing a CA certificate to validate the timestamp or signature of
the audit trails, select Store as trusted root certificate.
6. Repeat the previous steps to import other certificates if needed.
7. Click , then to start replaying the audit trail.

SPS 7.5 Safeguard Desktop Player User Guide

36
Replaying encrypted audit trails
8

Replaying encrypted audit trails

from the command line

This section describes how to replay an encrypted audit trail using the command line. Use
this method if you want to import the private key only temporarily, or if you want to
automate the process. To import the required certificates using the graphical interface of
Safeguard Desktop Player, see Replaying encrypted audit trails.

Prerequisites

l To replay encrypted audit trails, the private key of the certificate used to encrypt the
audit trail must be available on the host running the Safeguard Desktop Player. On
Microsoft Windows, the Safeguard Desktop Player can retrieve this certificate from
Windows Certificate Store > Current User > Personal Certificate Store.
l To validate digitally-signed audit trails, the respective certificates that issued the
certificates used to sign the audit trail must be available and valid on the host running
the Safeguard Desktop Player. (This is the certificate set at Policies > Audit
policies > Enable signing on the SPS interface.) On Microsoft Windows, the
Safeguard Desktop Player can validate this certificate from Windows Certificate
Store > Local Computer > Trusted Root Certification Authorities.
NOTE: In case of certificate chains, the whole chain must be imported in this Certi-
ficate Store.
l To validate timestamped audit trails, the CA certificate of SPS must be available on
the host running the Safeguard Desktop Player. (This is the CA certificate of SPS set
at Basic Settings > Management > SSL Certificates > CA X.509 Certificate.)
On Microsoft Windows, the Safeguard Desktop Player can retrieve this certificate
from Windows Certificate Store > Local Computer > Trusted Root
Certification Authorities.

SPS 7.5 Safeguard Desktop Player User Guide

37
Replaying encrypted audit trails from the command line
TIP: One Identity recommends using 2048-bit RSA keys (or stronger).

To replay an encrypted audit trail using the command line

Start a command prompt and navigate to the installation directory of Safeguard
Desktop Player.
By default, the installation directories on the different operating systems are the following:

l On Microsoft Windows platforms: C:\Documents and

Settings\<username>\Software\Safeguard\Safeguard Desktop Player\
l On Linux: ~/SafeguardDesktopPlayer
l On MacOS: /Applications/Safeguard Desktop Player.app/Contents/Resources/

1. (Optional) If the private key is password-protected, execute the following command:

player --key <path\to\your\private-key.pem>:<password-to-the-private-key>

For example, if the private key file is C:\temp\my-key.pem and its password is secret,
the command is player --key C:\temp\my-key.pem:secret
Otherwise, use the following command:

player --key <path\to\your\private-key.pem>

2. (Optional) If the audit trail is timestamped or signed, you must have the proper
certificate to validate the audit trail. Include the path to the certificate in the
command line when starting the Safeguard Desktop Player:

player --cert <path\to\the\certificate.pem> --key <path\to\your\private-

key.pem>:<password-to-the-private-key>

3. Open the encrypted audit trail. Safeguard Desktop Player tries to decrypt it with
the private key you provided. If decryption is successful, you can replay the audit
trail. Alternatively, you can specify the audit trail to open from the command line,
for example:

player --cert <path\to\the\certificate.pem> --key <path\to\your\private-

key.pem>:<password-to-the-private-key> <path\to\audit-trail.zat>

SPS 7.5 Safeguard Desktop Player User Guide

38
Replaying encrypted audit trails from the command line
9

Replaying audit files in follow mode

This section describes how to follow active connections in semi-real time.

Prerequisites

To follow active connections, you must be allowed to authorize the sessions of the relevant
connection policy. For more information on how you can configure that, see Configuring
four-eyes authorization in the Administration Guide.
Every time you open an .srs file in Safeguard Desktop Player, you must authenticate
yourself to SPS through Safeguard Desktop Player. To access SPS and follow active
sessions, you must have:

l A valid username and password.

l The SSL certificate of your root Certificate Authority (CA).

On Microsoft Windows, Safeguard Desktop Player retrieves the SSL certificate from
Windows Certificate Store > Local Computer > Trusted Root Certification
Authorities.
On Linux or MacOS, import the SSL certificate to Safeguard Desktop Player as follows:

1. In SPS, navigate to Basic Settings > Management > SSL certificates.

2. Click the certificate in the CA X.509 certificate field.
3. In the pop-up window that is displayed, click PEM. This downloads the the CA's X.509
certificate in PEM format.
NOTE: The certificate must be in PEM format, other formats are not supported.
4. In Safeguard Desktop Player, in the top-right, click . Select Key/Certificate
import.
5. Click , then select the certificate PEM file that you downloaded from SPS.
6. Click Load. Safeguard Desktop Player displays the details of the certificate.
7. Click Import.

SPS 7.5 Safeguard Desktop Player User Guide

39
Replaying audit files in follow mode
To follow active connections in semi-real time

1. On the SPS web interface, navigate to Sessions , select Active in Connections, and
click next to the connection you want to monitor in semi-real time.
2. In Safeguard Desktop Player, click OPEN, and select the audit trail to replay.
NOTE: If you open a closed session from an srs file, you can start to replay its
content and follow the session even if the file has not been fully downloaded
and rendered.
Safeguard Desktop Player displays the sessions stored in the audit trail file.

a. Red blinking light

When the red blinking light is displayed, it indicates an ongoing, active
connection. When neither the LIVE label and icon nor the red blinking light are
displayed, it indicates that the connection has ended.
b. LIVE status indicator
The indicator shows three different states:
l When it is completely red, it indicates that the connection is active and
there is some user interaction on the client-side.
l When the LIVE label is red but the icon is half red, half black, it
indicates that the connection is active but there is no user interaction on
the client-side.
l When neither the LIVE label and icon nor the red blinking light are
displayed, it indicates that the connection has ended.
c. File size

SPS 7.5 Safeguard Desktop Player User Guide

40
Replaying audit files in follow mode
It displays the size of the .zat file that is loaded. In the case of an active, live
connection, the size continuously increases.
3. To start replaying the audit file, click the thumbnail. Alternatively, click the icon
next to the channel you want to replay.
The replay window opens.

4.
a. Terminate
Terminate the session that you are monitoring if you notice a user action that
poses a security risk.
b. LIVE status indicator
The indicator shows two different states:
l When the Safeguard logo is animated, it indicates that the connection is
active and there is some user interaction on the client-side.
l When the Safeguard logo is static, it indicates that the connection is
active but there is no user interaction on the client-side.
The color of the LIVE label indicates if the displayed frame is live (blue) or an earlier
frame (gray). If you stopped the playback or rewound it, to return to the live
streaming, click LIVE.
TIP: If you are replaying terminal-based audit trails, for example, SSH or TELNET,
you can change the font size of the displayed text by holding down the Ctrl key and
scrolling your mouse wheel.
When the session ends, a button is displayed. If you click this button, the player
reverts to normal replay mode, and you can change the replay speed, and the seeker
becomes available again.

SPS 7.5 Safeguard Desktop Player User Guide

41
Replaying audit files in follow mode
TIP: You can store the zat or zatx files of sessions to replay them later without
having to download them and wait for them to be rendered. For more information,
see section Exporting zat and zatx files.

SPS 7.5 Safeguard Desktop Player User Guide

42
Replaying audit files in follow mode
10

Searching in the content of the

current audit file

Safeguard Desktop Player allows you to search in the contents of the recorded audit trails,
for example, in commands that the user executed in the session, or to find a specific text
that was displayed on the screen.
You can also search in the contents of the audit trails for trails of graphical sessions created
and indexed with SPS 6.0.

Prerequisites

l Safeguard Desktop Player version 1.7.12 or newer.

l An audit trail of a terminal session.

To search in the content of an audit file

1. In the Safeguard Desktop Player application, click OPEN, and select the audit trail to
replay. If the audit trail is encrypted, see Replaying encrypted audit trails.
Safeguard Desktop Player displays the sessions stored in the audit trail file.

SPS 7.5 Safeguard Desktop Player User Guide

43
Searching in the content of the current audit file
2. Click SEARCH and enter your search keywords in the Search in content field.
NOTE:Safeguard Desktop Player creates the index of the content when opening the
file, and searching is disabled until creating the index is finished. Depending on the
length of the audit trail, this can take several minutes.
Safeguard Desktop Player displays the search results and highlights the periods of
the audit trail when the search keywords were visible. For details on the search
syntax, see Search query examples.
Click to replay the audit trail. To search while replaying an audit trail, click the
magnifying glass icon.

SPS 7.5 Safeguard Desktop Player User Guide

44
Searching in the content of the current audit file
11

Search query examples

The following sections provide examples for different search queries.

l For examples of exact matches, see Searching for exact matches on page 45.
l For examples of using boolean operators to combine search keywords, see
Combining search keywords on page 46.
l For examples of wildcard searches, see Using wildcard searches on page 47.
l For examples of searching with special characters, see Searching for special
characters on page 49.
l For examples of fuzzy search that finds words with similar spelling, see Searching for
fuzzy matches on page 51.
l For examples of proximity search to find words that appear within a special distance,
see Proximity search on page 51.
l For examples of adjusting the relevance of a search term, see Adjusting the
relevance of search terms on page 51.

For details on how to use more complex keyphrases that are not covered in this guide, see
the Apache Lucene documentation.

Searching for exact matches

By default, One Identity Safeguard for Privileged Sessions (SPS) searches for keywords as
whole words and returns only exact matches. Note that if your search keywords include
special characters, you must escape them with a backslash (\) character. For details on
special characters, see Searching for special characters on page 49. The following
characters are special characters: + - & | ! ( ) { } [ ] ^ " ~ * ? : \ /

SPS 7.5 Safeguard Desktop Player User Guide

45
Search query examples
Example: Searching for exact matches

Search expression example

Matches example

Does not match examples

example.com
query-by-example
exam

To search for a string that includes a backslash characters, for example, a Windows
path, use two backslashes (\\).

Search expression C\:\\Windows

Matches C:\Windows

Combining search keywords

You can use boolean operators – AND, OR, NOT, and + (required), – to combine search
keywords. More complex search expressions can also be constructed with parentheses. If
you enter multiple keywords,

Example: Combining keywords in search

Search expression keyword1 AND keyword2

Matches (returns hits that contain both keywords)

Search expression keyword1 OR keyword2

Matches (returns hits that contain at least one of the keywords)

Search expression keyword1 NOT keyword2

Matches (returns hits that contain the first phrase, but not the second)

SPS 7.5 Safeguard Desktop Player User Guide

46
Search query examples
Search expres- +keyword1 keyword2
sion

Matches (returns hits that contain keyword1, and may contain

keyword2)

To search for expressions that can be interpreted as boolean operators (for example:
AND), use the following format: "AND".

Example: Using parentheses in search

Use parentheses to create more complex search expressions:

Search (keyword1 OR keyword2) AND keyword3

expression

Matches (returns hits that contain either keyword1 and keyword3, or

keyword2 and keyword3)

Using wildcard searches

You can use the ? and * wildcards in your search expressions.

Example: Using wildcard ? in search

The ? (question mark) wildcard means exactly one arbitrary character. Note that it
does not work for finding non-UTF-8 or multibyte characters. If you want to
search for these characters, the expression ?? might work, or you can use the *
wildcard instead.
You cannot use a * or ? symbol as the first character of a search.

Search expression example?

Matches example1
examples
example?

Does not match example.com

SPS 7.5 Safeguard Desktop Player User Guide

47
Search query examples
example12
query-by-example

Search expression example??

Matches example12

Does not match example.com

example1
query-by-example

Example: Using wildcard * in search

The * wildcard means 0 or more arbitrary characters. It finds non-UTF-8 and

multibyte characters as well.

Search expression example*

Matches example
examples
example.com

Does not match query-by-example

example*

Example: Using combined wildcards in search

Wildcard characters can be combined.

Search expression ex?mple*

Matches example1
examples
example.com
exemple.com

SPS 7.5 Safeguard Desktop Player User Guide

48
Search query examples
example12

Does not match exmples

query-by-example

Searching for special characters

To search for the special characters, for example, question mark (?), asterisk (*),
backslash (\) or whitespace ( ) characters, you must prefix these characters with a
backslash (\). Any character after a backslash is handled as character to be searched for.
The following characters are special characters: + - & | ! ( ) { } [ ] ^ " ~ * ? : \ /

Example: Searching for special characters

To search for a special character, use a backslash (\).

Search expression example\?

Matches example?

Does not match examples

example1

To search for a string that includes a backslash characters, for example, a Windows
path, use two backslashes (\\).

Search expression C\:\\Windows

Matches C:\Windows

To search for a string that includes a slash character, for example, a UNIX path, you
must escape the every slash with a backslash (\/).

Search expression \/var\/log\/messages

Matches /var/log/messages

Search expression \(1\+1\)\:2

Matches (1+1):2

SPS 7.5 Safeguard Desktop Player User Guide

49
Search query examples
Searching in commands and window titles

For terminal connections, use the command: prefix to search only in the commands
(excluding screen content). For graphical connections, use the title: prefix to search only
in the window titles (excluding screen content). To exclude search results that are
commands or window titles, use the following format: keyword AND NOT title:[* TO *].
You can also combine these search queries with other expressions and wildcards, for
example, title:properties AND gateway.

Example: Searching in commands and window titles

Search expression command:sudo su

Matches sudo su as a terminal command

Does not match sudo su in general screen content

Search expression title:settings

Matches settings appearing in the title of an active window

Does not match settings in general screen content

To find an expression in the screen content and exclude search results from the
commands or window titles, see the following example.

Search expres- properties AND NOT title:[* TO *]

sion

Matches properties appearing in the screen content, but not as a window

title.

Does not match properties in window titles.

You can also combine these search filters with other expressions and wildcards.

Search title:properties AND gateway

expression

Matches A screen where properties appears in the window title, and gateway
in the screen content (or as part of the window title).

Does not Screens where both properties and gateway appear, but properties
match is not in the window title.

SPS 7.5 Safeguard Desktop Player User Guide

50
Search query examples
Searching for fuzzy matches

Fuzzy search uses the tilde ~ symbol at the end of a single keyword to find hits that contain
words with similar spelling to the keyword.

Example: Searching for fuzzy matches

Search expression roam~

Matches roams
foam

Proximity search

Proximity search uses the tilde ~ symbol at the end of a phrase to find keywords from the
phrase that are within the specified distance from each other.

Example: Proximity search

Search expres- keyword1 keyword2 ~10

sion

Matches (returns hits that contain keyword1 and keyword2 within 10 words
from each other)

Adjusting the relevance of search terms

By default, every keyword or phrase of a search expression is treated as equal. Use the
caret ^ symbol to make a keyword or expression more important than the others.

Example: Adjusting the relevance of search terms

Search keyword1^4 keyword2

expression

Matches (returns hits that contain keyword1 and keyword2, but keyword1 is
4-times more relevant)

SPS 7.5 Safeguard Desktop Player User Guide

51
Search query examples
Search keyword1^5 keyword2
expression

Matches (returns hits that contain keyword1 and keyword2, but keyword1 is
5-times more relevant)

SPS 7.5 Safeguard Desktop Player User Guide

52
Search query examples
12

Exporting the audit trail as video

This section describes how to export an audit trail as a video file (optionally, including the
accompanying subtitles).
NOTE: To export an audit trail, you must open it.
The exported files use the WEBM format with the VP8 codec. You can replay WebM videos in
most modern browsers, and several media player applications. For details, see the Playing
WebM Video page.

Prerequisites

To use Internet Explorer, you must install an add-on.

To export an audit trail as a video file

1. Open the audit trail in the Safeguard Desktop Player application.

If the audit trail is encrypted, you need the appropriate decryption keys to open it.
For details, see Replaying encrypted audit trails.
2. Click EXPORT > Export video.
3. If the audit trail contains multiple channels that can be replayed, select which
channels you want to export.
4. To export the subtitles listing the user events that occurred in the session (window
titles that appeared on the screen, commands executed, mouse activity, and
keystrokes), select the Subtitle checkbox.

SPS 7.5 Safeguard Desktop Player User Guide

53
Exporting the audit trail as video
Figure 13: Export options

5. Click , and select the directory where you want to save the video file.
6. Click EXPORT.

SPS 7.5 Safeguard Desktop Player User Guide

54
Exporting the audit trail as video
Exporting the sound from an audit
trail

You can enable auditing the sound that is transferred between an RDP client and the server.
Using the Export audio option of Safeguard Desktop Player, you can export the input
sound (the one that comes from the audited user) and the output sound (the one that is
received by the audited user) into .wav files.

Prerequisites

In SPS, using the Channel Policies settings of the Traffic Controls > RDP option, select
the Record audit trail checkbox for the Sound and the Dynamic virtual channel in the
policy that you want to use for sound auditing.
For more information, see Configuring SPS to enable exporting sound from audit trails in
the SPS Administration Guide.

To export the sound from an audit trail

1. Open the audit trail in the Safeguard Desktop Player application.

If the audit trail is encrypted, you need the appropriate decryption keys to open it.
For details, see Replaying encrypted audit trails.
2. Click the EXPORT > Export audio... button.
3. In the Select folder window, navigate to the folder where you want to save the
exported sound files of the audit trail.

The displayed dialog shows the exported files with their paths. On clicking the paths, the
destination folders open. The dialog also lists the errors that occurred during the export.
The sound files are saved in the following format:
l <timestamp>_input.wav
l <timestamp>_output.wav

SPS 7.5 Safeguard Desktop Player User Guide

55
Exporting the sound from an audit trail
Exporting zat and zatx files

Using the Export zat/zatx... option of Safeguard Desktop Player, you can save the trail
currently opened to a selected location.
After opening an srs file, you can export its content to a zat or zatx file if all the following
criteria are met:

l The srs file does not belong to a live stream.

l Safeguard Desktop Player has fully downloaded the content of the srs file.
l You can replay the content of the srs file.

To export zat or zatx files from an audit trail

1. Open the audit trail in Safeguard Desktop Player.

If the audit trail is encrypted, you need the appropriate decryption keys to open it.
For more information, see Replaying encrypted audit trails.
2. Select EXPORT > Export zat/zatx....
3. In the Select folder window, navigate to the folder where you want to save the
exported zat or zatx files of the audit trail.

The displayed dialog shows the exported file with the trail.zat or trail.zatx file name.

SPS 7.5 Safeguard Desktop Player User Guide

56
Exporting zat and zatx files
13

Sharing an encrypted audit trail

This section describes how to share an encrypted audit trail with a third party.
NOTE: To export an audit trail, you must open it.

l Export the audit trail as a video file

l If you want the third party to be able to replay the audit trail with the Safeguard
Desktop Player, complete the following steps. Currently you can only do this by using
the command line.

Prerequisites

This procedure involves encrypting the audit trail with an encryption key that you can share
with the third party. Encrypting audit trails requires an X.509 certificate in PEM format that
uses an RSA key.
You will also need the audit trail file that you want to share, and the encryption key(s)
required to replay it. You cannot use this procedure to encrypt an audit trail that is not
already encrypted.
NOTE: Certificates are used as a container and delivery mechanism. For encryption and
decryption, only the keys are used.
TIP: One Identity recommends using 2048-bit RSA keys (or stronger).

To share an encrypted audit trail with a third party

Start a command prompt and navigate to the installation directory of Safeguard
Desktop Player.
By default, the installation directories on the different operating systems are the following:

l On Microsoft Windows platforms: C:\Documents and

Settings\<username>\Software\Safeguard\Safeguard Desktop Player\
l On Linux: ~/SafeguardDesktopPlayer
l On MacOS: /Applications/Safeguard Desktop Player.app/Contents/Resources/

1. Specify the audit trail to process its decryption key, the new audit trail file, and the
new encryption key.

SPS 7.5 Safeguard Desktop Player User Guide

57
Sharing an encrypted audit trail
l Windows: adp.exe --task rekey --file <path/to/audit-trail.zat> --key
<keyfile.pem:passphrase> --out <path/to/audit-trail-to-share.zat> --
new-cert <path/to/new-encryption-certificate.pem>
l Linux or MacOS: ./adp --task rekey --file <path/to/audit-trail.zat> --
key <keyfile.pem:passphrase> --out <path/to/audit-trail-to-share.zat> -
-new-cert <path/to/new-encryption-certificate.pem>
If the audit trail is encrypted with multiple keys, repeat the --key
<keyfile.pem:passphrase> option. Include the colon (:) character even if the key is
not password-protected. For example:

./adp --task rekey --file /tmp/ssh-171128T1353-frobert-frobert-

10.30.255.68.zat --key /tmp/indexer-certificate-key.pem: --out
/tmp/shared-ssh.zat --new-cert /tmp/new-encryption-certificate.pem

2. Open the output file in the Safeguard Desktop Player and import the private key of
the certificate you used to re-encrypt the audit trail. Verify that you can replay the
audit trail. If it is working as expected, you can share the re-encrypted audit trail file
and the private key with third parties, they will be able to replay the audit trail using
the SPS application.

SPS 7.5 Safeguard Desktop Player User Guide

58
Sharing an encrypted audit trail
14

Replaying X11 sessions

With the Safeguard Desktop Player application, you can replay audit trails that contain
graphical X11 sessions (the contents of the X11 Forward channel of the SSH protocol).
You can replay X11 sessions similarly to other audit trails, but consider the following points:

l X11 sessions can contain several different X11 channels. For example, some
applications open a separate channel for every window they display. The Safeguard
Desktop Player application automatically merges these channels into a single
channel, to make reviewing the sessions easier. Since these audit trails can contain
SSH terminal channels as well, you can choose between replaying the SSH sessions
and the X11 session in the CHANNELS > X11 section of the audit trail data.

l If you need the list of X11 channels that the audit trail contains, they are listed in
CHANNELS > X11 > channel_ids section of the audit trail data.

SPS 7.5 Safeguard Desktop Player User Guide

59
Replaying X11 sessions
l The Safeguard Desktop Player stores the fonts used to display the texts in the audit
trail in the <desktop-player-installation-folder>/fonts folder.

SPS 7.5 Safeguard Desktop Player User Guide

60
Replaying X11 sessions
15

Exporting transferred files from

SCP, SFTP, HTTP, and RDP audit
trails

You can export the files that the user transferred in SCP, SFTP, and HTTP sessions as well
as through the RDP clipboard. You can export such files from the audit trails using the
command line or the Safeguard Desktop Player GUI.
NOTE: Exporting transferred files through the RDP clipboard is a feature that has been
tested with Microsoft-supported clients.

Exporting files from an audit trail after

RDP file transfer through clipboard or
disk redirection
Prerequisites

Configure SPS to allow exporting files from an audit trail. For more information, see
Configuring SPS to enable exporting files from audit trails after RDP file transfer in the
Administration Guide.
NOTE: By default, the Safeguard Desktop Player application only exports complete files.
To export partially transferred files, see Exporting transferred files from SCP, SFTP, HTTP
and RDP audit trail using the command line.

To export files from an audit trail after RDP file transfer through clipboard or
disk redirection

1. Navigate to Main Menu > Sessions in SPS, select the session during which the
files were copy-pasted through the clipboard or transferred through disk redirection,
and click .

SPS 7.5 Safeguard Desktop Player User Guide

Exporting transferred files from SCP, SFTP, HTTP, and RDP audit 61
trails
2. Click , save the .zat file, and open the Safeguard Desktop Player
application.

3. Open the .zat file and click in the Safeguard Desktop Player interface
window.
4. Navigate to EXPORT > Export transferred files... and select Choose in the
Select folder – Safeguard Desktop Player window. Safeguard Desktop Player
automatically displays the files in a new window under EXPORTED FILES
(<number of files>), with information about the files' original path.
5. (Optional) Open the files to see if the export was successful.

Exporting transferred files from SCP,

SFTP, HTTP and RDP audit trail using
the command line
This section describes how to export the files that you transferred, using the command line,
in one of the following sessions:

l SCP
l SFTP
l HTTP
l RDP

To export the files that you transferred in an SCP, SFTP, HTTP, or RDP session
using the command line
Start a command prompt and navigate to the installation directory of Safeguard
Desktop Player.
By default, the installation directories on the different operating systems are the following:

l On Microsoft Windows platforms: C:\Documents and

Settings\<username>\Software\Safeguard\Safeguard Desktop Player\
l On Linux: ~/SafeguardDesktopPlayer
l On MacOS: /Applications/Safeguard Desktop Player.app/Contents/Resources/

NOTE: By default, the Desktop Player only exports complete files. If you want to export
partially transferred files as well, use the adp --export-files command.

SPS 7.5 Safeguard Desktop Player User Guide

Exporting transferred files from SCP, SFTP, HTTP, and RDP audit 62
trails
1. List the channels in the audit trail, and find the one you want to extract files from.
Note down the ID number of this channel as it will be required later on (it is 3 in the
following example).
l Windows: adp.exe --task channel-info --file <path/to/audit-trail.zat>
l Linux or MacOS: ./adp --task channel-info --file <path/to/audit-
trail.zat>
If the audit trail is encrypted, use the --key <keyfile.pem:passphrase> option.
Repeat the option if the audit trail is encrypted with multiple keys. Include the colon
(:) character even if the key is not password-protected. Example output:

Channel information : ssh-session-exec-scp:3

2. Export the files from the audit trail. Use the ID number of the channel from the
previous step.
Windows: adp --task indexer --channel 3 --file <path/to/audit-trail.zat> --
export-files <folder/to/save/files/>
Linux or MacOS: adp --task indexer --channel 3 --file <path/to/audit-
trail.zat> --export-files <folder/to/save/files/>
If the audit trail is encrypted, use the --key <keyfile.pem:passphrase> option.
Repeat the option if the audit trail is encrypted with multiple keys. Include the colon
(:) character even if the key is not password-protected.
3. Check the output directory for the exported files.

SPS 7.5 Safeguard Desktop Player User Guide

Exporting transferred files from SCP, SFTP, HTTP, and RDP audit 63
trails
16

Exporting raw network traffic in

PCAP format

You can choose to convert audit trails to packet capture (PCAP) format, which is a common
file format for storing network traffic.

Exporting raw network traffic in PCAP

format using the command line
This section describes how to export raw network traffic in PCAP format using the
command line.

To export raw network traffic in PCAP format using the command line
Start a command prompt and navigate to the installation directory of Safeguard
Desktop Player.
By default, the installation directories on the different operating systems are the following:

l On Microsoft Windows platforms: C:\Documents and

Settings\<username>\Software\Safeguard\Safeguard Desktop Player\
l On Linux: ~/SafeguardDesktopPlayer
l On MacOS: /Applications/Safeguard Desktop Player.app/Contents/Resources/

1. List the channels in the audit trail, and find the ones that you want to export. Note
down the ID number of the channels as it will be required later on (it is 3 in the
following example).
l Windows: adp.exe --task channel-info --file <path/to/audit-trail.zat>
l Linux or MacOS: ./adp --task channel-info --file <path/to/audit-
trail.zat>

SPS 7.5 Safeguard Desktop Player User Guide

64
Exporting raw network traffic in PCAP format
If the audit trail is encrypted, use the --key <keyfile.pem:passphrase> option.
Repeat the option if the audit trail is encrypted with multiple keys. Include the colon
(:) character even if the key is not password-protected. Example output:

Channel information : ssh-session-exec-scp:3

2. Export the channels from the audit trail. Use the ID numbers of the channels from the
previous step.
l Windows: adp.exe -f <path/to/audit-trail.zat> -c <channel id> -t
indexer --export-pcap output.pcap
l Linux or MacOS: adp -f <path/to/audit-trail.zat> -c <channel id> -t
indexer --export-pcap output.pcap
If the audit trail is encrypted, use the --key <keyfile.pem:passphrase> option.
Repeat the option if the audit trail is encrypted with multiple keys. Include the colon
(:) character even if the key is not password-protected.
3. Check the output directory for the exported files.

Exporting raw network traffic in PCAP

format using the GUI
This section describes how to export the channels stored in the audit trail using the GUI.

To export the channels stored in the audit trail using the GUI

1. Open the audit trail in the Safeguard Desktop Player application.

If the audit trail is encrypted, you need the appropriate decryption keys to open it.
For details, see Replaying encrypted audit trails.
2. Click EXPORT > Export pcap.
The Select folder dialog pops up.
3. Select the directory where you want to save the files. Click Choose.
Once the export process is finished, a FILES dialog pops up, indicating the number of
exported files in brackets and listing the files that have been exported.
Files have a number in their names, used for identifying the channels.

SPS 7.5 Safeguard Desktop Player User Guide

65
Exporting raw network traffic in PCAP format
17

Exporting screen content text

This section describes how to export screen content text from text-based protocols
(terminal-based protocols and HTTP) in TXT format. Screen content text is saved into files
as UTF-8 encoded text with UNIX timestamps.

To export screen content text from text-based protocols (terminal-based

protocols and HTTP) in TXT format

1. Open the audit trail in the Safeguard Desktop Player application.

If the audit trail is encrypted, you need the appropriate decryption keys to open it.
For details, see Replaying encrypted audit trails.
2. Click EXPORT > Export screen content text.
The Select folder dialog pops up.
3. Select the directory where you want to save the files. Click Choose.
Once the export process is finished, a FILES dialog pops up, indicating the number of
exported files in brackets and listing the files that have been exported.
Filenames follow a pattern. Take the following example:
1415176790.648000-1415176793.926000.txt
Where:
l the numbers before the hyphen (-) indicate the beginning of the interval in the
session where the screen content text occurred
l the numbers after the hyphen (-) indicate the end of the interval in the session
where the screen content text occurred
l the numbers are provided in UNIX timestamp format

SPS 7.5 Safeguard Desktop Player User Guide

66
Exporting screen content text
18

Troubleshooting the Safeguard

Desktop Player

Determining your Safeguard Desktop

Player version
To find out which version of the Safeguard Desktop Player application you are using,
complete one of the following.

l Start the Safeguard Desktop Player application, and on the opening screen, click >
About. This displays the version number of Safeguard Desktop Player and also the
underlying adp application.
l Execute the following commands from the command line in the directory where
Safeguard Desktop Player is installed:
l Windows: adp.exe --version & player.exe --version
l Linux: ./adp --version; ./player --version

Export transferred files from SCP, SFTP, and

HTTP audit trail using the GUI
The following describes how to export the files that the user transferred in an SCP, SFTP, or
HTTP session using the GUI.

To export the files that the user transferred in an SCP, SFTP, or HTTP session
using the GUI

1. Open the audit trail in the Safeguard Desktop Player application.

If the audit trail is encrypted, you need the appropriate decryption keys to open it.
For details, see Replaying encrypted audit trails.
2. Click EXPORT > Export transferred files.

SPS 7.5 Safeguard Desktop Player User Guide

67
Troubleshooting the Safeguard Desktop Player
A Select folder dialog box pops up.
3. Select the directory where you want to save the file(s). Click Choose.
Once the export process has completed, a FILES dialog box pops up, indicating the
number of files exported in brackets and listing the files that have been exported.

.zat, .zatx, and .srs files not opened

automatically
On Linux, if you are not using a Desktop Manager (for example, GNOME, KDE, Unity), and
you install the Safeguard Desktop Player with user privileges, registering the .zat, .zatx,
and .srs files to the Safeguard Desktop Player might fail. To solve this problem, perform a
system-wide installation, which means running the installer with sudo.

Problems in VirtualBox
If the fonts are not displayed correctly, or the Safeguard Desktop Player application crashes
when started in VirtualBox, enable 3D acceleration (Machine > Settings > Display >
Screen > Enable 3D Acceleration), and install VirtualBox Guest Additions.
If these do not solve the problem, see Force rendering software.

Force rendering software

Some video card drivers might have problems with OpenGL rendering: fonts do not appear
correctly, or the Safeguard Desktop Player application crashes when started with warnings
about the graphics card. If this happens, Safeguard Desktop Player tries to fall back to
software rendering, but it might fail to do so.
To force software rendering, start Safeguard Desktop Player using the Safeguard
Desktop Player - software rendering item in your application menu, or with the --
software command-line option:

l Windows: player.exe --software

l Linux: ./player --software

Cannot import CA certificate

On Microsoft Windows, you cannot import CA certificates from a shared drive.

SPS 7.5 Safeguard Desktop Player User Guide

68
Troubleshooting the Safeguard Desktop Player
Copy the certificate to a local folder and import it from there.
Also, you must install the Safeguard Desktop Player application locally, you cannot start the
player.exe file from a shared drive.

Logging
The Safeguard Desktop Player application displays important log messages on the
Warnings tab. If you increase the log level of the application above the default, additional
log messages are also displayed.

Figure 14: Warnings and logs

To specify the log level of the Safeguard Desktop Player application, use the following
command-line parameters.

l -l or --log-level <number>
l Set the log level of Safeguard Desktop Player:
l 3 - Default log level.
l 0 - Completely disables logging.
l 7 - The is most verbose level, used for debugging.
For example:

SPS 7.5 Safeguard Desktop Player User Guide

69
Troubleshooting the Safeguard Desktop Player
l Windows: player.exe --log-level 5
l Linux: ./player --log-level 5
l -o or --log-output <path-to-logfile>
l Specify the path and filename of the log file. For example:
l Windows: player.exe --log-output desktop-player.log
l Linux: ./player --log-output /tmp/desktop-player.log
l -s or --log-spec <log-spec>
l Specify different log levels for certain components of Safeguard Desktop Player.
For example:
l Windows: player.exe --log-level 3 --log-spec "bdp.core:5"
l Linux: ./player --log-level 3 --log-spec "bdp.core:5"

SPS 7.5 Safeguard Desktop Player User Guide

70
Troubleshooting the Safeguard Desktop Player
19

Keyboard shortcuts

You can use the following keyboard shortcuts to control the replay.

l Play/Pause: SPACE
l Jump to previous event: p
l Jump to next event: n
l Enable video scaling (Scale video): Ctrl + Z
l Toggle fullscreen replay: f
l Decrease replay speed: [
l Increase replay speed: ]
l Reset replay speed :=
l Jump backward, short, medium, long: Shift + Left Arrow, Alt + Left Arrow, Ctrl
+ Left Arrow
l Jump forward, short, medium, long: Shift + Right Arrow, Alt + Right Arrow, Ctrl
+ Right Arrow
l Search in trail content: Ctrl + F

SPS 7.5 Safeguard Desktop Player User Guide

71
Keyboard shortcuts
About us

About us

One Identity solutions eliminate the complexities and time-consuming processes often
required to govern identities, manage privileged accounts and control access. Our solutions
enhance business agility while addressing your IAM challenges with on-premises, cloud and
hybrid environments.

Contacting us
For sales and other inquiries, such as licensing, support, and renewals, visit
https://www.oneidentity.com/company/contact-us.aspx.

Technical support resources

Technical support is available to One Identity customers with a valid maintenance contract
and customers who have trial versions. You can access the Support Portal at
https://support.oneidentity.com/.
The Support Portal provides self-help tools you can use to solve problems quickly and
independently, 24 hours a day, 365 days a year. The Support Portal enables you to:

l Submit and manage a Service Request

l View Knowledge Base articles
l Sign up for product notifications
l Download software and technical documentation
l View how-to videos at www.YouTube.com/OneIdentity
l Engage in community discussions
l Chat with support engineers online
l View services to assist you with your product

SPS 7.5 Safeguard Desktop Player User Guide

72
About us

PEC (Phil Elec. Code) (By JVM) - Part-1
50% (2)
PEC (Phil Elec. Code) (By JVM) - Part-1
56 pages
SRS - How to build a Pen Test and Hacking Platform
From Everand
SRS - How to build a Pen Test and Hacking Platform
alasdair gilchrist
2/5 (1)
Heroku Cloud Application Development
From Everand
Heroku Cloud Application Development
Anubhav Hanjura
No ratings yet
SAP Solution Manager
From Everand
SAP Solution Manager
equitypress
4/5 (10)
McAfee DLP 9.3 Release Notes
No ratings yet
McAfee DLP 9.3 Release Notes
7 pages
Learning Embedded Android N Programming
From Everand
Learning Embedded Android N Programming
Ivan Morgillo
No ratings yet
SPS_7.5.1_InstallationGuide
No ratings yet
SPS_7.5.1_InstallationGuide
38 pages
SPS 7.3.1 InstallationGuide
No ratings yet
SPS 7.3.1 InstallationGuide
40 pages
VMware Horizon View Essentials
From Everand
VMware Horizon View Essentials
Peter von Oven
No ratings yet
SPS_6.2_InstallationGuide
No ratings yet
SPS_6.2_InstallationGuide
34 pages
Accelerated Computing With HIP: Second Edition
From Everand
Accelerated Computing With HIP: Second Edition
Yifan Sun
No ratings yet
New Seqrite EPS 7.2 Vs Escan 1.0
100% (1)
New Seqrite EPS 7.2 Vs Escan 1.0
11 pages
Professional Java Native Interfaces with SWT / JFace
From Everand
Professional Java Native Interfaces with SWT / JFace
Jackwind Li Guojie
No ratings yet
Scalabilityand High Availabilityin Safeguard
No ratings yet
Scalabilityand High Availabilityin Safeguard
21 pages
Building Telephony Systems with OpenSER
From Everand
Building Telephony Systems with OpenSER
Goncalves Flavio E.
No ratings yet
McAfee Drive Encruption Best Practices
No ratings yet
McAfee Drive Encruption Best Practices
58 pages
SPS_6.2_SecurityChecklist
No ratings yet
SPS_6.2_SecurityChecklist
7 pages
Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build
From Everand
Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build
Slava Gomzin
No ratings yet
Mastering Unix Shell Scripting: Bash, Bourne, and Korn Shell Scripting for Programmers, System Administrators, and UNIX Gurus
From Everand
Mastering Unix Shell Scripting: Bash, Bourne, and Korn Shell Scripting for Programmers, System Administrators, and UNIX Gurus
Randal K. Michael
3.5/5 (2)
Microsoft 70-685: PRO: Windows 7 Enterprise Desktop Support Technician
No ratings yet
Microsoft 70-685: PRO: Windows 7 Enterprise Desktop Support Technician
60 pages
Set Up Your Own IPsec VPN, OpenVPN and WireGuard Server: Build Your Own VPN
From Everand
Set Up Your Own IPsec VPN, OpenVPN and WireGuard Server: Build Your Own VPN
Lin Song
5/5 (1)
Cocos2d-x Intermediate Level: Elevating Your Game Development Skills: Cocos2d-x Series
From Everand
Cocos2d-x Intermediate Level: Elevating Your Game Development Skills: Cocos2d-x Series
Kameron Hussain
No ratings yet
PROTECT - Hardening Microsoft Windows 10 Version 21H1 Workstations (October 2021)
No ratings yet
PROTECT - Hardening Microsoft Windows 10 Version 21H1 Workstations (October 2021)
57 pages
Mastering Shell for DevOps: Automate, streamline, and secure DevOps workflows with modern shell scripting
From Everand
Mastering Shell for DevOps: Automate, streamline, and secure DevOps workflows with modern shell scripting
Gilbert Stew
No ratings yet
Mastering Shell for DevOps
From Everand
Mastering Shell for DevOps
Gilbert Stew
No ratings yet
Using Yocto Project with BeagleBone Black
From Everand
Using Yocto Project with BeagleBone Black
H M Irfan Sadiq
No ratings yet
Safetica Quick-Guide en 25 2022-09-07
No ratings yet
Safetica Quick-Guide en 25 2022-09-07
11 pages
Final Internal Audit Report: Operating Systems Audit - Microsoft Direct Access
No ratings yet
Final Internal Audit Report: Operating Systems Audit - Microsoft Direct Access
12 pages
Anatomy of a Robot
From Everand
Anatomy of a Robot
Charles Bergren
2.5/5 (1)
SPS_6.2_UpgradeGuide
No ratings yet
SPS_6.2_UpgradeGuide
22 pages
Analysis - Altiris 7.1 - Patch Management Solution
No ratings yet
Analysis - Altiris 7.1 - Patch Management Solution
7 pages
OneIdentitySafeguardAuthenticationServices 5.0 AdministrationGuide En-Us
No ratings yet
OneIdentitySafeguardAuthenticationServices 5.0 AdministrationGuide En-Us
217 pages
SPS 6.0 AdministrationGuide
No ratings yet
SPS 6.0 AdministrationGuide
964 pages
SPP_7.0.5 LTS_AdministrationGuide
No ratings yet
SPP_7.0.5 LTS_AdministrationGuide
660 pages
Hardening Win10
0% (1)
Hardening Win10
54 pages
ACSC HardeningWin10
No ratings yet
ACSC HardeningWin10
54 pages
Hardening_Win7_SP1
No ratings yet
Hardening_Win7_SP1
47 pages
Mastering Go Network Automation: Automating Networks, Container Orchestration, Kubernetes with Puppet, Vegeta and Apache JMeter
From Everand
Mastering Go Network Automation: Automating Networks, Container Orchestration, Kubernetes with Puppet, Vegeta and Apache JMeter
Ian Taylor
No ratings yet
Mastering Go Network Automation
From Everand
Mastering Go Network Automation
Ian Taylor
No ratings yet
Learning Robotics Using Python
From Everand
Learning Robotics Using Python
Lentin Joseph
No ratings yet
Auth Agent Install Admin Guide
No ratings yet
Auth Agent Install Admin Guide
95 pages
Free Video Editor Software Untuk Windows, Mac Dan Linux Edisi Bahasa Inggris
From Everand
Free Video Editor Software Untuk Windows, Mac Dan Linux Edisi Bahasa Inggris
Cyber Jannah Studio
No ratings yet
VMware VCloud Security
No ratings yet
VMware VCloud Security
45 pages
Learning Nagios - Third Edition
From Everand
Learning Nagios - Third Edition
Wojciech Kocjan
No ratings yet
DLP 1130 PG A00 En-Us
No ratings yet
DLP 1130 PG A00 En-Us
277 pages
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
Learning AWS Lumberyard Game Development
From Everand
Learning AWS Lumberyard Game Development
Dr. Edward Lavieri
No ratings yet
Evaluation of Some Android Emulators and Installation of Android OS on Virtualbox and VMware
From Everand
Evaluation of Some Android Emulators and Installation of Android OS on Virtualbox and VMware
Dr. Hidaia Mahmood Alassouli
No ratings yet
SafeguardAuthenticationServices 5.0.2 InstallationGuide
No ratings yet
SafeguardAuthenticationServices 5.0.2 InstallationGuide
139 pages
Enhanced Security and Protection Solution Brief
No ratings yet
Enhanced Security and Protection Solution Brief
8 pages
Windows 10
100% (1)
Windows 10
59 pages
IT Inventory and Resource Management with OCS Inventory NG 1.02
From Everand
IT Inventory and Resource Management with OCS Inventory NG 1.02
Barzan 'Tony' Antal
No ratings yet
Hyper-V 2016 Best Practices
From Everand
Hyper-V 2016 Best Practices
Benedict Berger
No ratings yet
Marmalade SDK Mobile Game Development Essentials
From Everand
Marmalade SDK Mobile Game Development Essentials
Sean Scaplehorn
No ratings yet
Linux Kernel Programming: A comprehensive and practical guide to kernel internals, writing modules, and kernel synchronization
From Everand
Linux Kernel Programming: A comprehensive and practical guide to kernel internals, writing modules, and kernel synchronization
Kaiwan N. Billimoria
No ratings yet
LINUX SECURITY AND ADMINISTRATION: Safeguarding Your Linux System with Proactive Administration Practices (2024 Guide for Beginners)
From Everand
LINUX SECURITY AND ADMINISTRATION: Safeguarding Your Linux System with Proactive Administration Practices (2024 Guide for Beginners)
RANDALL BLAIR
No ratings yet
Free & Opensource Video Editor Software For Windows, Ubuntu Linux & Macintosh
From Everand
Free & Opensource Video Editor Software For Windows, Ubuntu Linux & Macintosh
Cyber Jannah Studio
No ratings yet
CA Client Automation Overview
No ratings yet
CA Client Automation Overview
19 pages
PROTECT - Hardening Microsoft Windows 10 Version 21H1 Workstations (October 2021)
No ratings yet
PROTECT - Hardening Microsoft Windows 10 Version 21H1 Workstations (October 2021)
49 pages
Advanced Multiplayer Game Development with Ureal Engine 5: A Comprehensive Guide to C++ Scripting
From Everand
Advanced Multiplayer Game Development with Ureal Engine 5: A Comprehensive Guide to C++ Scripting
Vladimir Kiselev
No ratings yet
Raspberry Pi Essentials
From Everand
Raspberry Pi Essentials
Jack Creasey
No ratings yet
Ch14 Krugman 10e
No ratings yet
Ch14 Krugman 10e
38 pages
Basic Microeconomics MODULE 1
No ratings yet
Basic Microeconomics MODULE 1
10 pages
MTL-22-03 Autothrottle Software Update Release 8.1
No ratings yet
MTL-22-03 Autothrottle Software Update Release 8.1
10 pages
Carew Myken - CTF - Challenge Planning
No ratings yet
Carew Myken - CTF - Challenge Planning
18 pages
Fin
No ratings yet
Fin
210 pages
Financial Liabilities - Bonds Payable - Practice Set (QUESTIONNAIRE)
No ratings yet
Financial Liabilities - Bonds Payable - Practice Set (QUESTIONNAIRE)
4 pages
Escano V Ortigas
No ratings yet
Escano V Ortigas
47 pages
Real Estate Agent Email List
No ratings yet
Real Estate Agent Email List
16 pages
Automotive Charging System Purpose: - Convert Mechanical Energy To Electrical Energy
No ratings yet
Automotive Charging System Purpose: - Convert Mechanical Energy To Electrical Energy
2 pages
UNLV PHD Informatics
No ratings yet
UNLV PHD Informatics
3 pages
Hagemann-Et-Al-2019-Drug-Use-Beyond-The-Licence-In-Palliative-Care-A-Systematic-Review-And-Narrative-Synthesis
No ratings yet
Hagemann-Et-Al-2019-Drug-Use-Beyond-The-Licence-In-Palliative-Care-A-Systematic-Review-And-Narrative-Synthesis
13 pages
XacBank Annual Report 2019
No ratings yet
XacBank Annual Report 2019
31 pages
FRAGOLA - 1996 - Reliability and Risk Data - An Historical Perspective
No ratings yet
FRAGOLA - 1996 - Reliability and Risk Data - An Historical Perspective
12 pages
S1-LPG-PPS-ME001 LPG Fire Water Pump Specification Rev 0
100% (4)
S1-LPG-PPS-ME001 LPG Fire Water Pump Specification Rev 0
69 pages
[FREE PDF sample] Qualitative Research in Health Care 1st Edition Immy Holloway ebooks
100% (11)
[FREE PDF sample] Qualitative Research in Health Care 1st Edition Immy Holloway ebooks
85 pages
El-Riv-271-Sd-016-Site Plan Electrical Layout-R0.
No ratings yet
El-Riv-271-Sd-016-Site Plan Electrical Layout-R0.
1 page
Elephant Conservation Lesson Plan Teacher
No ratings yet
Elephant Conservation Lesson Plan Teacher
21 pages
Vi Edit
No ratings yet
Vi Edit
5 pages
000 Method Statement
0% (1)
000 Method Statement
69 pages
Wenzhou Heli Construction Machinery Co., LTD
No ratings yet
Wenzhou Heli Construction Machinery Co., LTD
3 pages
Introducing Our Dermatology Clinic 3
No ratings yet
Introducing Our Dermatology Clinic 3
26 pages
Judge Allen Baddour ProSe Civil Litigants Survival Guide
No ratings yet
Judge Allen Baddour ProSe Civil Litigants Survival Guide
11 pages
Formation and Functions of Sebi
No ratings yet
Formation and Functions of Sebi
32 pages
JBL Clip 5_ Specsheet_EN
No ratings yet
JBL Clip 5_ Specsheet_EN
2 pages
Corporate Powers
No ratings yet
Corporate Powers
5 pages
Cleaning Debris From Guttering On An Asbestos Cement (AC) Roof
No ratings yet
Cleaning Debris From Guttering On An Asbestos Cement (AC) Roof
2 pages
Kolhapuri Chappal Craft Cluster Study
100% (2)
Kolhapuri Chappal Craft Cluster Study
54 pages
2013 Honda CB500F Owners Manual Eng
No ratings yet
2013 Honda CB500F Owners Manual Eng
125 pages
Thesis Peer Tutoring
100% (3)
Thesis Peer Tutoring
5 pages