beautypg.com

8 choosing a policy for the audit log – HP OneView User Manual

Page 54

background image

Description

Token

The user session ID associated with the message

Session ID

The URI of the task resource associated with the message

Task ID

The client (browser) IP address identifies the client machine that initiated the request

Client host/IP

The result of the action, which can be one of the following values:

SUCCESS

FAILURE

SOME_FAILURES

CANCELED

KILLED

Result

A description of the action, which can be one of the following values:

CANCELED

UNSETUP

LIST

ADD

MODIFY

LOGIN

DEPLOY

ENABLE

DISABLE

DELETE

LOGOUT

START

DONE

SAVE

ACCESS

DOWNLOAD_START

KILLED

SETUP

RUN

Action

A description of the severity of the event, which can be one of the following values, listed in
descending order of importance:

INFO

NOTICE

WARNING

ERROR

ALERT

CRITICAL

Severity

For REST API category information, see the HP OneView REST API Reference in the online help.

Resource category

The resource URI/name associated with the task

Resource URI/name

The output message that appears in the audit log

Message

Example 1 Sample audit entries: user login and logout

2013-09-16 14:55:20.706 CST,Authentication,,,administrator,jrWI9ych,,,
SUCCESS,LOGIN,INFO,CREDENTIAL,,Authentication SUCCESS

.
.
.

2013-09-16 14:58:15.201 CST,Authentication,,,MISSING_UID,jrWI9ych,,,
SUCCESS,LOGOUT,INFO,CREDENTIAL,,TERMINATING SESSION

3.8 Choosing a policy for the audit log

Choose a policy for downloading and examining the audit log.

The audit log contains a record of actions performed on the appliance, which you can use for
individual accountability. As the audit log gets larger, older information is deleted. To maintain a
long-term audit history, you must periodically download and save the audit log.

For more information about the audit log, see

“Understanding the audit log” (page 53)

.

54

Understanding the security features of the appliance