Auditing sessions on target systems

All of the administrative activity that takes place through the Privileged Access Service is audited and stored as events either locally or in the Privileged Access Service. In addition, if you have installed auditing services and have an audit installation established, the administrator’s activity on the target system during a secure shell or remote desktop session can also be collected and stored in an audit database for further review and analysis.