000012911 - Authentication Manager 6.x : How to show default login name in reports on the sdlog database

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000012911
Applies ToRSA Authentication Manager 6.x
Custom SQL
IssueSome sites have auditing requirements to track user additions and deletions. The problem is the sdlog database usually only includes first and last names, which may not be unique at the site, and omits the indexed default login name.
CauseThere is a way to include default login name for user addition and deletion actions:
set this env on the Authentication Manager or Remote Admin machine that will be running the Custom SQL Query:
ENHANCED_LOGGING=YES
With this env set, the sql query "select * from sdlogentry" will return many more records for a user deletion event (see below) and will include the previously missing default login name.
ResolutionSample expected output using Enhanced Logging after a user is deleted:

"3757488","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","David Carlstrom","carlstrd","","","","","ace6prim.corp.espn.pvt","Test Dave","0","0","0"

"3757487","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","","Profile","?davetest","0","0","0"

"3757486","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Sun:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0"

"3757485","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Sat:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0"

"3757484","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Fri:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0"

"3757483","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Thu:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0"

"3757482","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Wed:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0"

"3757481","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Tue:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0"

"3757480","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Mon:AAAAAAAAAAAAAAAAAAAAAAAA","Access Time","?davetest","0","0","0"

"3757479","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","no","Temporary User","?davetest","0","0","0"

"3757478","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","","Default Shell","?davetest","0","0","0"

"3757477","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","yes","Must Create Pin","?davetest","0","0","0"

"3757476","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","yes","May Create Pin","?davetest","0","0","0"

"3757475","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","davetest","Default Login","?davetest","0","0","0"

"3757474","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Test","First Name","?davetest","0","0","0"

"3757473","09/18/2008","14:07:27","09/18/2008","10:07:27","4017","davetest","carlstrd","","","","Dave","Last Name","?davetest","0","0","0"

"3757471","09/18/2008","14:07:13","09/18/2008","10:07:13","4014","David Carlstrom","carlstrd","","","","","ace6prim.corp.espn.pvt","Test Dave","0","0","0"

"3757470","09/18/2008","14:07:13","09/18/2008","10:07:13","4002","davetest","carlstrd","","","","/bin/sh","Default Shell","?davetest","0","0","0"

"3757469","09/18/2008","14:07:13","09/18/2008","10:07:13","4002","davetest","carlstrd","","","","no","Must Create Pin","?davetest","0","0","0"

"3757468","09/18/2008","14:07:13","09/18/2008","10:07:13","4002","

Legacy Article IDa42438

Attachments

    Outcomes