Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

AnsweredAssumed Answered

Audit in SA 10.3.4

Question asked by A1o3d4w1xoJBoB34hWfAmYNJF8ch5055SPqO77hdmrs= on Sep 24, 2014
Latest reply on Oct 8, 2014 by Deepanshu Sood

Like • Show 0 Likes0
Comment • 5

Dear All,

In SA 10.3.5 I need to capture admin activity log regarding

- login

- logout

- failed login

In Envision, there was reports regarding these informations, but I don't find in SA.

Can you help me please?

Thanks a lot

sam

No one else has this question

Outcomes

5 Replies

SeffyGHops Sep 24, 2014 2:46 PM
Mark Correct
Correct Answer
I spoke with one of the product experts and he says this is now possible in version 10.4 and is working on a parser which he will post here. He is checking to see if it will work in 10.3.4.
Like • Show 0 Likes0
Actions
RSA Admin Sep 25, 2014 2:05 PM
Mark Correct
Correct Answer
We had been told previously, aka 10.3.3, /var/log/messages was it.... until 10.4.
Like • Show 0 Likes0
Actions
Leonard Chvilicek Oct 1, 2014 10:28 PM
Mark Correct
Correct Answer
This might be helpful

Security Analytics Parser v2.0.zip
Like • Show 0 Likes0
Actions
- A1o3d4w1xoJBoB34hWfAmYNJF8ch5055SPqO77hdmrs= @ Leonard Chvilicek on Oct 2, 2014 2:07 AM
  Mark Correct
  Correct Answer
  Thanks a lot Leornard.
  I really appreciate it.
  Like • Show 0 Likes0
  Actions
- Deepanshu Sood @ Leonard Chvilicek on Oct 8, 2014 3:12 AM
  Mark Correct
  Correct Answer
  Hello leonardc,
  
  Thanks for sharing this useful parser, but I am not able to download the same.
  Will you please upload it again or send it to me directly?
  
  Thanks in advance.
  Like • Show 0 Likes0
  Actions

Recommended Content