When logging in to the Self Service Console or Security Console directly, authentication logs show "N/A" as the agent, wiith the Agent Type listed with a value of 0, 7 or 8.
The Authentication Activity report includes this column, but there is no documentation to explain the meaning of the numeric value.
In the Real-Time Authentication Activity monitor or the Authentication Activity Report, the Agent Types are categorized as follows:
Agent Type 0 = Password authentication for the Security Console, Self-Service Console and Operations Console. Agent Type 7 = Authentication from authentication agents (i. e., Authentication Agent for Web, PAM, Windows, Native_SecurID, Local Authentication Client, etc) and from RADIUS clients. Agent Type 8 = Passcode authentication for the Security Console and the Self-Service Console.
Sample authentication activity details:
Date & Time: 2015-09-22 12:50:58.397 Log Level: INFO Activity Key: Principal authentication Description: User “rsatest” attempted to authenticate using authenticator “SecurID_Native”. The user belongs to security domain “SystemDomain” Action Result Key: Success Result Key: AUTHN_METHOD_SUCCESS Result: Authentication method success User ID: rsatest User First Name: RSA User Last Name: Test1 User Security Domain: SystemDomain User Identity Source Name: Internal Database Agent Type: 7
Please note that Authentication Manager does not differentiate authentications from the Self-Service Console, the Security Console and/or the Operations Console in the Authentication Activity reports.