beautypg.com

Managing audit logs, Viewing the audit log list – H3C Technologies H3C Intelligent Management Center User Manual

Page 124

background image

115

{

Colon (:)

{

Pound sign (#)

{

Dollar sign ($)

This parameter is available when you select TXT for File Format.

6.

Click OK.
This process might take a few minutes or longer, depending on the size of the authorization logs
to be exported.
After export, the operation result pages show the total number of exported logs and the number of
failures. If failure exists, click Download to download or view the reasons for failure in the

operation log.

7.

To return to the Authorization Log list, click Back.

8.

To view the operation results from the last export operation, click Last Export Result.

Managing audit logs

Audit logs record users' login, logoff, and online behaviors.
Audit logs have the following types:

Audit start log—TAM records an audit start log when a user logs in to a device.

Audit end log—TAM records an audit end log when a user logs off a device.

Audit update log—TAM records an audit update log when it receives watchdog packets from the
device. Watchdog packets are periodically sent by the device to TAM to declare that it is still online.

Enter-command-at-CLI log—TAM records an Enter-command-at-CLI log each time a device user
executes a command.

Clear-online-data log—TAM records a Clear-online-data log when an operator manually clears
online user information. For more information, see "

Clearing online user information

."

Age-online-data log—TAM records an Age-online-data log when TAM clears aged online users
according to the Aging Time specified in the system parameter configuration.

Viewing the audit log list

To view the audit log list:

1.

Click the User tab.

2.

On the navigation tree, select Device User > Log Management > Audit Logs.
The Audit Log list displays all audit logs. It includes the following columns:

{

Login Name—Username sent by the device to TAM, which is not the username that a device
user enters when logging in to the device. The login name of a device user contains redundant

information, and must be extracted. TAM matches the extracted login name against the account
name and authenticates the user. The rules for extracting the login name are configured in

system parameter configuration. For more information, see "

Configuring system parameters

."

{

Account Name—Account name of the device user.
Accounts with the name followed by #delete0# are cancelled accounts. Click the account
name of a device user to view the user details. For more information about device user details,

see "

Viewing device user details

."

See also other documents in the category H3C Technologies Safety: