search cancel

Session recording shows a large number of records

book

Article ID: 228967

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Session recording files get saved to the Session Recording NFS or CIFS share specified in the Configuration --> Logs --> Session Recording section of the product

The session recording share is specific of each node and it is not shared across nodes in a CA PAM Cluster, but each session recording file corresponds to a unique node and unless the encryption key is shared across nodes, like in the case of a cluster, a certain session recording file will not be viewable from a completely different node.

If two or more unrelated appliances share the same session recording share, the session recording log will show all the session recordings present in the share, irrespective of whether they belong to one or other node. Needless to say, if the appliances are unrelated it will not be possible to play the files from one appliance in another one.

 

Cause

PAM incorporate a session recording reconciliation job. This job, running on each appliance, examines the session recording share and picks up all the files present therein. If any of the files is not present in the session_recording table in PAM, the job creates a  entry for it.

This means that, irrespective if the session recording share contains data for one or other node, the job will create a record for each file found in the session_recording table of each node.

Environment

CA PAM Several versions

Resolution

The session_recording table may be purged of redundant records. Please engage support to do so