Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000012911 - Authentication Manager 6.x : How to show default login name in reports on the sdlog database

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000012911
Applies To	RSA Authentication Manager 6.x Custom SQL
Issue	Some sites have auditing requirements to track user additions and deletions. The problem is the sdlog database usually only includes first and last names, which may not be unique at the site, and omits the indexed default login name.
Cause	There is a way to include default login name for user addition and deletion actions: set this env on the Authentication Manager or Remote Admin machine that will be running the Custom SQL Query: ENHANCED_LOGGING=YES With this env set, the sql query "select * from sdlogentry" will return many more records for a user deletion event (see below) and will include the previously missing default login name.
Resolution	Sample expected output using Enhanced Logging after a user is deleted: "3757488","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","David Carlstrom","carlstrd","","","","","ace6prim.corp.espn.pvt","Test Dave","0","0","0" "3757487","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","","Profile","?davetest","0","0","0" "3757486","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Sun:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0" "3757485","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Sat:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0" "3757484","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Fri:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0" "3757483","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Thu:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0" "3757482","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Wed:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0" "3757481","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Tue:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0" "3757480","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Mon:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0" "3757479","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","no","Temporary User","?davetest","0","0","0" "3757478","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","","Default Shell","?davetest","0","0","0" "3757477","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","yes","Must Create Pin","?davetest","0","0","0" "3757476","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","yes","May Create Pin","?davetest","0","0","0" "3757475","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","davetest","Default Login","?davetest","0","0","0" "3757474","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Test","First Name","?davetest","0","0","0" "3757473","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Dave","Last Name","?davetest","0","0","0" "3757471","09/18/2008","14:07:13","09/18/2008","10:07:13","4014","David Carlstrom","carlstrd","","","","","ace6prim.corp.espn.pvt","Test Dave","0","0","0" "3757470","09/18/2008","14:07:13","09/18/2008","10:07:13","4002","davetest","carlstrd","","","","/bin/sh","Default Shell","?davetest","0","0","0" "3757469","09/18/2008","14:07:13","09/18/2008","10:07:13","4002","davetest","carlstrd","","","","no","Must Create Pin","?davetest","0","0","0" "3757468","09/18/2008","14:07:13","09/18/2008","10:07:13","4002","
Legacy Article ID	a42438

Attachments

Outcomes

0 Comments

Recommended Content