RSA Authentication Manager Log Messages (10001-10060)
The following table lists AM log messages based on the event category and action ID from 10001 to 10060. It also lists the corresponding action key, description, and log message. The log message has placeholders in the “{number}” format, which represents actual data in the logs and Activity Monitor.
Use this table to understand simple network management protocol (SNMP) trap information captured by a network management system. For more information on the information displayed by the object identifier structure (OID) in the SNMP trap, see RSA Authentication Manager SNMP.
Event Category | Action ID | Action Key | Description | Message |
eventAdmin | 10001 | CREATE_REALM | Create realm | Administrator “{0}” attempted to create realm “{4}” |
eventAdmin | 10002 | DELETE_REALM | Delete realm | Administrator “{0}” attempted to delete realm “{4}” |
eventAdmin | 10003 | UPDATE_REALM | Update realm | Administrator “{0}” attempted to update realm “{4}” |
eventAdmin | 10004 | READ_REALM | Read realm | Administrator “{0}” attempted to read realm “{4}” |
eventAdmin | 10005 | CREATE_SECURITY_DOMAIN | Create security domain | Administrator “{0}” attempted to create security domain “{4}”. The fully qualified name of the domain is “{11}” |
eventAdmin | 10006 | DELETE_SECURITY_DOMAIN | Delete security domain | Administrator “{0}” attempted to delete security domain “{4}”. The fully qualified name of the domain is “{11}” |
eventAdmin | 10007 | UPDATE_SECURITY_DOMAIN | Update security domain | Administrator “{0}” attempted to update security domain “{4}”. The fully qualified name of the domain is “{11}” |
eventAdmin | 10008 | READ_SECURITY_DOMAIN | Read security domain | Administrator “{0}” attempted to read security domain “{4}”. The fully qualified name of the domain is “{11}” |
eventAdmin | 10009 | CREATE_IDENTITY_SOURCE | Register identity source | Administrator “{0}” attempted to register identity source “{6}” |
eventAdmin | 10010 | DELETE_IDENTITY_SOURCE | Delete registration of identity source | Administrator “{0}” attempted to delete the registration of identity source “{6}” |
eventAdmin | 10011 | UPDATE_IDENTITY_SOURCE | Update registration of identity source | Administrator “{0}” attempted to update the registration of identity source “{6}” |
eventAdmin | 10012 | CLEANUP_IDENTITY | Clean up identity source | Administrator “{0}” attempted to clean up identity sources |
eventAdmin | 10013 | CREATE_ATTRIBUTE | Create attribute | Administrator “{0}” attempted to create attribute “{4}” ; to be managed in security domain “{5}” |
eventAdmin | 10014 | READ_ATTRIBUTE | Read attribute | Administrator “{0}” attempted to read attribute “{4}” ; managed in security domain “{5}” |
eventAdmin | 10015 | UPDATE_ATTRIBUTE | Update attribute | Administrator “{0}” attempted to update attribute “{4}” ; managed in security domain “{5}” |
eventAdmin | 10016 | DELETE_ATTRIBUTE | Delete attribute | Administrator “{0}” attempted to delete attribute “{4}” ; managed in security domain “{5}” |
eventAdmin | 10017 | CREATE_ATTRIBUTE | Map attribute | Administrator “{0}” attempted to map attribute “{4}” ; managed in security domain “{5}” to “{8}” |
eventAdmin | 10018 | READ_ATTRIBUTE_MAPPING | Read attribute mapping | Administrator “{0}” attempted to read attribute mapping “{4}”’s ; managed in security domain “{5}” |
eventAdmin | 10019 | DELETE_ATTRIBUTE | Delete attribute mapping | Administrator “{0}” attempted to delete the mapping of attribute “{4}” ; managed in security domain “{5}” to “{8}” |
eventAdmin | 10020 | CREATE_ADMIN_ROLE | Create administrative role | Administrator “{0}” attempted to create administrative role “{4}” ; to be managed in security domain “{5}” |
eventAdmin | 10021 | DELETE_ADMIN_ROLE | Delete administrative role | Administrator “{0}” attempted to delete administrative role “{4}” ; managed in security domain “{5}” |
eventAdmin | 10022 | READ_ADMIN_ROLE | Read administrative role | Administrator “{0}” attempted to read administrative role “{4}” ; managed in security domain “{5}” |
eventAdmin | 10023 | UPDATE_ADMIN_ROLE | Update administrative role | Administrator “{0}” attempted to update administrative role “{4}” ; managed in security domain “{5}” |
eventAdmin | 10024 | LINK_PRINCIPAL_ADMIN | Associate principal with administrative role | Administrator “{0}” attempted to associate principal “{8}” ; stored in identity source “{10}” and managed in security domain “{9}” |
eventAdmin | 10025 | UNLINK_PRINCIPAL_ADMIN | Disassociate principal from administrative role | Administrator “{0}” attempted to disassociate principal “{8}” ; stored in identity source “{10}” and managed in security domain “{9}” |
eventAdmin | 10026 | CREATE_AUTH_POLICY | Create authentication policy | Administrator “{0}” attempted to create authentication policy “{4}” ; to be managed in security domain “{5}” |
eventAdmin | 10027 | DELETE_AUTH_POLICY | Delete authentication policy | Administrator “{0}” attempted to delete authentication policy “{4}” ; managed in security domain “{5}” |
eventAdmin | 10028 | UPDATE_AUTH_POLICY | Update authentication policy | Administrator “{0}” attempted to update authentication policy “{4}” ; managed in security domain “{5}” |
eventAdmin | 10029 | READ_AUTH_POLICY | Read authentication policy | Administrator “{0}” attempted to view authentication policy “{4}” ; managed in security domain “{5}” |
eventAdmin | 10030 | CREATE_PWD_POLICY | Create password policy | Administrator “{0}” attempted to create password policy “{4}” ; to be managed in security domain “{5}” |
eventAdmin | 10031 | DELETE_PWD_POLICY | Delete password policy | Administrator “{0}” attempted to delete password policy “{4}” ; managed in security domain “{5}” |
eventAdmin | 10032 | UPDATE_PWD_POLICY | Update password policy | Administrator “{0}” attempted to update password policy “{4}” ; managed in security domain “{5}” |
eventAdmin | 10033 | READ_PWD_POLICY | Read password policy | Administrator “{0}” attempted to view password policy “{4}” ; managed in security domain “{5}” |
eventAdmin | 10034 | CREATE_LOCKOUT_POLICY | Create lockout policy | Administrator “{0}” attempted to create lockout policy “{4}” ; to be managed in security domain “{5}” |
eventAdmin | 10035 | DELETE_LOCKOUT_POLICY | Delete lockout policy | Administrator “{0}” attempted to delete lockout policy “{4}” ; managed in security domain “{5}” |
eventAdmin | 10036 | UPDATE_LOCKOUT_POLICY | Update lockout policy | Administrator “{0}” attempted to update lockout policy “{4}” ; managed in security domain “{5}” |
eventAdmin | 10037 | READ_LOCKOUT_POLICY | Read lockout policy | Administrator “{0}” attempted to view lockout policy “{4}” ; managed in security domain “{5}” |
eventAdmin | 10038 | UNLINK_SECURITY_DOMAIN | Unlink security domain policies | Administrator “{0}” attempted to unlink polices from security domain “{4}” |
eventAdmin | 10039 | CREATE_GROUP | Create group | Administrator “{0}” attempted to create group “{4}” ; to be stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10040 | UPDATE_GROUP | Update group | Administrator “{0}” attempted to update group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10041 | REGISTER_GROUP | Register group | Administrator “{0}” attempted to register group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10042 | UNREGISTER_GROUP | Unregister group | Administrator “{0}” attempted to unregister group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10043 | READ_GROUP | Read group | Administrator “{0}” attempted to read group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10044 | DELETE_GROUP | Delete group | Administrator “{0}” attempted to delete group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10045 | LINK_GROUP_GROUP | Associate group with group | Administrator “{0}” attempted to associate group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10046 | UNLINK_GROUP_GROUP | Disassociate group from group | Administrator “{0}” attempted to disassociate group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10047 | LINK_GROUP_PRINCIPAL | Associate group with principal | Administrator “{0}” attempted to associate group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10048 | UNLINK_GROUP_PRINCIPAL | Disassociate Group from Principal | Administrator “{0}” attempted to disassociate group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10049 | FIND_ORPHANED_GROUPS | Find unresolvable groups | Administrator “{0}” attempted to find unresolvable groups in identity source “{4}” |
eventAdmin | 10050 | REMOVE_ORPHANED | Remove unresolvable groups | Administrator “{0}” attempted to clean up unresolvable groups in identity source “{4}” |
eventAdmin | 10051 | CREATE_PRINCIPAL | Create principal | Administrator “{0}” attempted to create principal “{4}” ; to be stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10052 | REGISTER_PRINCIPAL | Register principal | Administrator “{0}” attempted to register principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10053 | UNREGISTER_PRINCIPAL | Unregister principal | Administrator “{0}” attempted to unregister principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10054 | DELETE_PRINCIPAL | Delete principal | Administrator “{0}” attempted to delete principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10055 | UPDATE_PRINCIPAL | Update principal | User “{0}” attempted to update principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10056 | READ_PRINCIPAL | Read principal | Administrator “{0}” attempted to read principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10057 | FIND_ORPHANED | Find unresolvable users | Administrator “{0}” attempted to find unresolvable users in identity source “{4}” |
eventAdmin | 10059 | CREATE_PRINCIPAL | Assign console preferences to principal | Administrator “{0}” attempted to assign preferences to principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
eventAdmin | 10060 | DELETE_PRINCIPAL | Remove console preferences for principal | Administrator “{0}” attempted to remove preferences for principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}” |
Related Articles
Authentication Manager Log Messages (13001-13008) Number of Views Authentication Manager Log Messages (20061-20120) Number of Views Authentication Manager Log Messages (20001-20060) Number of Views Log Messages Number of Views Authentication Manager Log Messages (10061-10250) Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
