Adding devices, Managing logs, Managing authentication failure logs – H3C Technologies H3C Intelligent Management Center User Manual
Page 486: Managing authentication, Failure logs
468
2.
On the device online user list, click for a device.
A confirmation dialog box appears.
3.
Click OK.
Adding devices
1.
Access the device online user list page.
2.
Click Add in the device online user list area.
The Add Access Device page appears. For more information, see "
Managing logs
To help network administrators identify problems and audit user behaviors, UAM provides the following
logs:
•
Authentication failure logs—Record access authentication failures.
•
Access detail records—Record network access information, including the online duration, for users
that have passed access authentication.
•
Roaming access detail records—Record network access information, including the online duration,
for roaming users that have passed authentication.
•
Security logs—Record the access information of endpoint users and the detailed security events.
This field appears in the navigation tree only when the EAD component is installed. For more
information about security logs, see HP IMC EAD Security Policy Administrator Guide.
•
Authentication violation logs—Record the violations that occur in monitor mode, including setting
up proxy servers, setting IE proxy, using multiple NICs or operating systems, configuring multiple IP
addresses on a single NIC, modifying MAC addresses, configuring duplicate MAC addresses, and
obtaining IP addresses through unauthorized DHCP servers.
•
iNode driver audit—Record the driver errors of the iNode client. This field appears in the
navigation tree only when the EAD component is installed. For more information about the iNode
driver audit, see HP IMC EAD Security Policy Administrator Guide.
•
Self-service logs—Record the operations that endpoint users performed on the self-service center.
•
Device user authentication logs—Record information about successful accesses to network devices.
•
RADIUS track—Record the detailed authentication and accounting information of endpoint users.
UAM records the log when the following conditions are met:
−
UAM and the IMC platform are installed on the same server.
−
UAM specifies the log level in system operation log parameters as debugging.
•
Endpoint conflict audit logs—Record the differences of the endpoint at different times.
•
Internet access audit logs—Record user's access to the external network. This field appears in the
navigation tree only when the EAD component is installed. For more information about Internet
access audit logs, see HP IMC EAD Security Policy Administrator Guide.
Managing authentication failure logs
Authentication failure logs record information about access authentication failures. The logged
information includes the login name, user IP address, user MAC address, IP address of access device,
error code, and error cause description. This information helps administrators identify the failure cause.